U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The FDIC’s Implementation of Supply Chain Risk Management

View Summary Announcement

Report Information

Publish Date
Report sub-type
Evaluation Report
Report Number
EVAL-22-003
Video
The FDIC’s Implementation of Supply Chain Risk Management

Unimplemented Recommendations

Establish and implement metrics and indicators to continuously monitor and evaluate supply chain risks at the FDIC.

Implement SCRM controls of the NIST RMF for IT procurements.

Develop and implement a process and procedures for conducting supply chain risk assessments.

Conduct supply chain risk assessments prior to entering into contracts with new suppliers/vendors

Conduct supply chain risk assessments prior to substantive contract actions, including renewals, extensions, and exercising option periods.