• Requirement

    Coordinate incident handling activities involving supply chain events with other organizations involved in the supply chain.

  • Discussion

    Organizations involved in supply chain activities include product developers, system integrators, manufacturers, packagers, assemblers, distributors, vendors, and resellers. Supply chain incidents can occur anywhere through or to the supply chain and include compromises or breaches that involve primary or sub-tier providers, information technology products, system components, development processes or personnel, and distribution processes or warehousing facilities. Organizations consider including processes for protecting and sharing incident information in information exchange agreements and their obligations for reporting incidents to government oversight bodies (e.g., Federal Acquisition Security Council).

More Info

  • Title

    Incident Handling | Supply Chain Coordination
  • Family

    Incident Response
  • Related NIST 800-53 ID


CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!