NISTIR 8276 – Key Practices in Cyber Supply Chain Risk Management: Observations from Industry

Cybersecurity and Infrastructure Security Agency – Vendor Supply Chain Risk Management (SCRM) Template

Cybersecurity and Infrastructure Security Agency – A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan

NIST – Cybersecurity Supply Chain Risk Management Fact Sheet

NIST – Cybersecurity Supply Chain Risk Management (C-SCRM)

CMMC Level 3 Assessment Guide

NIST SP 800-161 Rev 1 Supply Chain Risk Management Practices for Federal Information Systems and Organizations