RSK-09—Supply Chain Risk Management (SCRM) Plan
Weight: 10
>Control Description
Mechanisms exist to develop a plan for Supply Chain Risk Management (SCRM) associated with the development, acquisition, maintenance and disposal of Technology Assets, Applications and/or Services (TAAS), including documenting selected mitigating actions and monitoring performance against those plans.
>Cross-Framework Mappings
NIST CSF 2.0
NIST AI RMF
EU AI Act
Canada ITSP 10.171
EU AI Act (Detailed)
EU DORA
Article 28.1
CompareArticle 28.1(a)
CompareArticle 28.1(b)
CompareArticle 28.1(b)(i)
CompareArticle 28.1(b)(ii)
CompareArticle 28.2
CompareArticle 28.3
CompareArticle 28.4
CompareArticle 28.4(a)
CompareArticle 28.4(b)
CompareArticle 28.4(c)
CompareArticle 28.4(d)
CompareArticle 28.4(e)
CompareArticle 28.5
CompareArticle 28.6
CompareArticle 28.7(a)
CompareArticle 28.7(b)
CompareArticle 28.7(c)
CompareArticle 28.7(d)
CompareArticle 28.8
CompareArticle 28.8(a)
CompareArticle 28.8(b)
CompareArticle 28.8(c)
CompareSOC 2 TSC (Detailed)
NIST SP 800-171 Rev 3
NIST SP 800-171A Rev 3
A.03.11.01.a
CompareA.03.17.01.ODP[01]
CompareA.03.17.01.a[01]
CompareA.03.17.01.a[02]
CompareA.03.17.01.a[03]
CompareA.03.17.01.a[04]
CompareA.03.17.01.a[05]
CompareA.03.17.01.a[06]
CompareA.03.17.01.a[07]
CompareA.03.17.01.a[08]
CompareA.03.17.01.a[09]
CompareA.03.17.01.a[10]
CompareA.03.17.01.b[01]
CompareA.03.17.01.b[02]
CompareA.03.17.01.c
CompareA.03.17.03.ODP[01]
CompareA.03.17.03.a[01]
CompareA.03.17.03.a[02]
CompareA.03.17.03.b
CompareDHS TIC 3.0
SEC Cybersecurity Rule
Ask AI
Configure your API key to use AI features.