Home / Acquisition & Procurement / NIST Wants to Assess IT Supply Chain Component Origin Risks

NIST Wants to Assess IT Supply Chain Component Origin Risks

CyberCrimeKeyboardThe National Institute for Standards and Technology has added the source of information technology components to its draft guidance as part of efforts to address supply chain risks, FCW reported Thursday.

Adam Mazmanian writes “Supply Chain Risk Management: Practices for Federal Information Systems and Organizations” is meant to require suppliers, integrators and agency buyers to monitor the provenance and movements of IT products and services.

“Provenance is used when ascertaining the source of goods such as computer hardware to assess if they are genuine or counterfeit,” the guidance says, according to FCW.

NIST intends for the measure to prevent malware, property theft and cyber attacks, Mazmanian reports.

Current legislation requires all IT acquisitions from China made by NASA, the National Science Foundation and the departments of Commerce and Justice to undergo special risk assessment and verification.

Mazmanian reports that House appropriators want to extend that legislation to fiscal 2014.

Check Also

SEC to Address Financial Technology Concerns, Innovations via New Hub

The Securities and Exchange Commission has opened a hub where it can coordinate with public and private sector entities to address concerns and initiate developments in financial technology.

Leave a Reply

Your email address will not be published. Required fields are marked *