Please use this identifier to cite or link to this item:
https://dair.nps.edu/handle/123456789/4637
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Carol Woody | - |
dc.date.accessioned | 2022-05-06T22:00:27Z | - |
dc.date.available | 2022-05-06T22:00:27Z | - |
dc.date.issued | 2022-05-06 | - |
dc.identifier.citation | Published--Unlimited Distribution | en_US |
dc.identifier.uri | https://dair.nps.edu/handle/123456789/4637 | - |
dc.description | SYM Presentation | en_US |
dc.description.abstract | Supply chain cyber risks stem from many organizational dependencies—in particular, pro-cessing, transmitting, and storing data; information technology; and communications technolo-gy. These risks are broad, significant, and growing as outsourcing options expand. Important mission capabilities can be undermined by an adversary’s cyber-attack on third parties, even when the organization does not explicitly contract for technology. Virtually all products or ser-vices an organization acquires are supported by or integrate with information technology that in-cludes third-party components/services. Practices critical to monitoring and managing these risks are scattered across the organization, resulting in inconsistencies, gaps, and slow response to disruptions. The Acquisition Security Framework (ASF) contains leading practices to support programs acquiring/building a secure, resilient software-reliant system to manage these risks. It defines the organizational roles that must effectively collaborate to avoid gaps and inconsisten-cies. It also establishes how an organization should ensure effective supply chain risk manage-ment that supports its mission and objectives. The framework contains proven, effective goals and leading practices, and it is consistent with supply chain risk management guidelines from the International Organization for Standardization (ISO), National Institute of Standards and Technol-ogy (NIST), and Department of Homeland Security (DHS). | en_US |
dc.description.sponsorship | Acquisition Research Program | en_US |
dc.language.iso | en_US | en_US |
dc.publisher | Acquisition Research Program | en_US |
dc.relation.ispartofseries | Acquisition Management;SYM-AM-22-123 | - |
dc.subject | Supply Chain Risk Management | en_US |
dc.subject | Information Technology (IT) | en_US |
dc.subject | Department of Homeland Security (DHS) | en_US |
dc.subject | Communications (JCA-FA-ENKES) | en_US |
dc.title | Acquisition Security Framework (ASF) | en_US |
dc.type | Presentation | en_US |
Appears in Collections: | Annual Acquisition Research Symposium Proceedings & Presentations |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
SYM-AM-22-123.pdf | Presentation | 1.44 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.