Supply Chain Risk Management (SCRM)
The Department of Justice (DOJ) program is designed to help agencies navigate the complexities of supply chain risks by providing expert guidance, regulatory and policy analysis, threat intelligence, and more. The DOJ is proud to offer comprehensive and cutting-edge Supply Chain Risk Management (SCRM) assessments of vendors to federal agencies.
Features:
DOJ analysts synthesize intelligence from multiple industry-leading tools and classified data
Our recommendations are curated by in-depth research and analysis of hardware and software acquisitions to identify supply chain risks, including but not limited to vendor insolvency, litigation, cyber terrorism, malware, data theft, and foreign ownership, control, or influence (FOCI) risk
Our system of supply chain threat intelligence continuously monitors and analyzes classified and open-source threat intelligence to provide you with up-to-date information on emerging threats
Upon completion, DOJ experts provide you with a point-in-time Supply Chain Risk Assessment Summary that includes a recommended risk mitigations with actionable insights
Benefits:
DOJ’s service model, processes, and tools are proven and used by the Department
DOJ stays at the leading edge of industry trends by:
Tracking supply chain legislation, regulations and policies from various sources [e.g., Federal Information Security Modernization Act (FISMA), Office of Management and Budget (OMB)/Cybersecurity and infrastructure Agency (CISA) directives, and National Institute of Standards and Technology (NIST)] to identify impacts to our program and services
Participating in government-wide supply chain initiatives, such as the Federal Acquisition Security Council (FASC)
The risk assessment can be used to evaluate the SR-6 control from NIST 800-53 Rev 5
DOJ’s shared services resource model reduces customers’ total cost of ownership
The DOJ's SCRM solution offers federal agencies an efficient way to mitigate supply chain risks. By leveraging our expertise and resources, your agency can ensure compliance, make better-informed decisions, and minimize risk exposure.