The FDIC’s Implementation of Supply Chain Risk Management
Report Information
Unimplemented Recommendations
Establish and implement metrics and indicators to continuously monitor and evaluate supply chain risks at the FDIC.
Implement SCRM controls of the NIST RMF for IT procurements.
Develop and implement a process and procedures for conducting supply chain risk assessments.
Conduct supply chain risk assessments prior to entering into contracts with new suppliers/vendors
Conduct supply chain risk assessments prior to substantive contract actions, including renewals, extensions, and exercising option periods.