The process of identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of IT product and service supply chains.
National Institute of Standards and Technology (NIST). (2024). The NIST Cybersecurity Framework (CSF) 2.0. https://www.nist.gov/cyberframework
