Accessibility Tools

Skip to main content

Access World-Class NIST RMF Documentation with ASP Learn More

Supply Chain Risk Management Strategy (PM-3)
A Must for Federal Compliance Reporting

Overview

A strict requirement for federal contractors providing essential services to federal agencies is developing a wide-range of information security and privacy controls. Whatever the compliance mandate being imposed upon federal contractors is - FISMA, FedRAMP, eMASS RMF, DFARS NIST 800-171, CMMC, and more - information security and privacy policies and procedures are a must. Additionally, such documentation must be developed in accordance with none other than NIST SP 800-53, the unquestioned framework that’s been adopted by federal agencies - and federal contractors - since 2005.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Reporting Requirements

Per NIST SP 800-53, “An organization-wide supply chain risk management strategy includes an unambiguous expression of the supply chain risk appetite and tolerance for the organization, acceptable supply chain risk mitigation strategies or controls, a process for consistently evaluating and monitoring supply chain risk…”.

Specifically, Per PM-30 of NIST SP 800-53, organizations are to “Develop an organization-wide strategy for managing supply chain risks associated with the development, acquisition, maintenance, and disposal of systems, system components, and system services…”.

How to Get Started

Start by downloading our world-class NIST RMF Security and Privacy Policies and Procedures templates at the Arlington Security Portal (ASP).

How Arlington Can Help

We have years of experience working within the broader federal agency apparatus in helping federal contractors develop high-quality, well-written, policies and procedures and additional NIST RMF information security and privacy materials. Our NIST RMF information security and privacy policies, procedures, programs, and plans have been used by thousands of federal contractors in helping organizations develop customized documentation for their growing security and compliance needs.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.


More Briefs