Navigate

SA-12 (13)

SA-12 (13): Critical Information System Components

The organization employs [Assignment: organization-defined security safeguards] to ensure an adequate supply of [Assignment: organization-defined critical information system components].

Supplemental

Adversaries can attempt to impede organizational operations by disrupting the supply of critical information system components or corrupting supplier operations. Safeguards to ensure adequate supplies of critical information system components include, for example: (i) the use of multiple suppliers throughout the supply chain for the identified critical components; and (ii) stockpiling of spare components to ensure operation during mission-critical times.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
NC3

Related Controls

The controls below (if any) were marked by NIST as being related to SA-12 (13).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of SA-12 (13).

Control	Description
No controls

Related CCIs

The CCIs below are tied to SA-12 (13).

CCI	Definition
CCI-003218	The organization employs organization-defined security safeguards to ensure an adequate supply of organization-defined critical information system components.
CCI-003219	The organization defines the security safeguards to be employed to ensure an adequate supply of organization-defined critical information system components.
CCI-003220	The organization defines the critical information system components for which organization-defined security safeguards are employed to ensure adequate supply.