STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 6 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← All Controls

SR-2

Supply Chain Risk ManagementRev 5

Supply Chain Risk Management Plan

CCI Identifiers (5)

CCI-005072Develop a plan for managing supply chain risks associated with the research and development, design, manufacturing, acquisition, delivery, integration, operations and maintenance, and disposal of the following systems, system components, or system services.CCI-005073Defines the systems, system components, or system services that a plan for managing supply chain risks are developed.CCI-005074Review and update the supply chain risk management plan on an organization-defined frequency, or as required, to address threat, organizational or environmental changes.CCI-005075Defines the frequency for reviewing and updating the supply chain risk management plan.CCI-005076Protect the supply chain risk management plan from unauthorized disclosure and modification.

Linked STIG Checks (0)

No STIG checks reference this control.