An error occurred:

CCI-005058

CCI-005058 Definition

Develop and document organization-level, mission/business process-level, and/or system-level supply chain risk management policy that is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.
Status
Type CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if the [SR-01_ODP[03]; one or more of the following PARAMETER VALUES is/are selected: {organization-level; mission/business process-level; system-level}] supply chain risk management policy is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.

Validation Procedures

Examine: [SELECT FROM: Supply chain risk management policy; supply chain risk management procedures; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with supply chain risk management responsibilities; organizational personnel with information security and privacy responsibilities; organizational personnel with acquisition responsibilities; organizational personnel with enterprise risk management responsibilities].