An error occurred:

CCI-005078

CCI-005078 Definition

Defines the supply chain risk management activities that will be led by a supply chain risk management team consisting of organization-defined personnel, roles, and responsibilities.
Status
Type CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if a supply chain risk management team consisting of [SR-02(01)_ODP[01]; the personnel, roles, and responsibilities of the supply chain risk management team are defined] is established to lead and support [SR-02(01)_ODP[02]; supply chain risk management activities are defined].

Validation Procedures

Examine: [SELECT FROM: Supply chain risk management policy; supply chain risk management procedures; supply chain risk management team charter documentation; supply chain risk management strategy; supply chain risk management implementation plan; procedures addressing supply chain protection; system security plan; privacy plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with acquisition responsibilities; organizational personnel with information security and privacy responsibilities; organizational personnel with supply chain risk management responsibilities; organizational personnel with enterprise risk management responsibilities; legal counsel; organizational personnel with business continuity responsibilities].