• Online, Self-Paced
Course Description

Using Cyber Supply Chain Risk Management (C-SCRM) to mitigate the risks associated with the distributed and interconnected nature of IT/OT product and service supply chains requires close coordination and information-sharing with reliable allies and constant monitoring for and evaluation of security risks and openings. Learners will gain a basic understanding of C-SCRM, including its central ideas, recommended procedures, and established norms. This course introduces how to create and execute effective C-SCRM strategies to safeguard their organizations’ IT and OT systems against cyber risks originating in the supply chain via a mix of theoretical understanding and real-world experiences.

Learning Objectives

Upon successful completion of this course, learners should have the knowledge and skills to:

  • Detect supply chain threats and vulnerabilities
  • Evaluate risk as part of supplier selection
  • Examine third-party security policies, practices, and protocols
  • Leverage supply chain security standards and frameworks
  • Develop incident response and recovery
  • Use C-SCRM to manage contracts
  • Mitigate insider threats and monitor systems

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Program/Project Management and Acquisition
  • Risk Management
  • Systems Requirements Planning

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.