top of page
Top Best Highest Rated CMMC Licensed Training Provider LTP

NIST C-SCRM Fundamentals

Price

$1,495.00

Title: NIST Cyber-Supply Chain Risk Management (C-SCRM) Fundamentals

  • Modalities:

  • Duration: 2 days

 

Overview 

This course is designed to introduces students to the foundational concepts behind the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-161 and related supply cyber-supply chain risk management topics. 

 

Who Should Attend

  • Line of Business Leadership
  • Non-Technical Managers
  • Technical Managers
  • Industry Members (e.g., Manufacturing Extension Program, State-Federal Liaisons)

 

Course Agenda

  • Day 1 (AM):
    • Introductions
    • What is supply chain risk management
    • What is the relationship between supply chain risk management and multilevel enterprise risk management
    • NIST’s cyber supply chain risk management program
    • How does C-SCRM fit into traditional supply chain risk management
    • The role of NIST SP 800-161
    • Supplemental materials
    • Legal and regulatory relationships
      • Executive Order 14028: Improving the Nation’s Cybersecurity
      • The SECURE Technology Act
      • The Federal Acquisition Supply Chain Security Act of 2018 (FASCSA)
      •  The Federal Acquisition Security Council (FASC) Rule
  • Day 1 (PM):
    • C-SCRM critical success factors
      • Acquisition
      • Supply chain information sharing
      • Training and awareness
      • Measures
      • Resources
    • C-SCRM focus areas
      • Foundational practices
      • Enterprise-wide practices
      • Risk management practices
        • Risk
        • Threats and vulnerabilities
      • Critical systems
  • Day 2 (AM):
    • C-SCRM control selection
    • C-SCRM control families
      • Access control
      • Awareness and training
      • Audit and accountability
      • Assessment, authorization, and monitoring
      • Configuration management
      • Contingency planning
      • Identification and authentication
      • Incident response
      • Maintenance
      • Media protection
      • Physical and environmental protection
      • Planning
      • Program management
      • Personnel security
      • Personally identifiable information processing and transparency
      • Risk assessment
      • System and services acquisition
      • System and communications protection
      • System and information integrity
      • Supply chain risk management
  • Day 2 (PM):
    • C-SCRM control summary mapping to NIST SP 800-53
    • C-SCRM control flow down to sub-contractors
    • C-SCRM implementation planning and strategies
    • Review
    • Exam

Quantity

bottom of page