The Cybersecurity and Infrastructure Security Agency (CISA) recently released a new resource guide aimed at helping small and medium sized businesses develop supply chain resilience plans.  The goal of the guide is “to ensure the availability, integrity, and confidentiality of ICT products, services, and components throughout the supply chain while minimizing disruptions and vulnerabilities”.  The guide seeks to do this through helping private and public sector stakeholders create an efficient and effective supply chain risk management plan (SCRM).  Below is a summary of the eight-step plan to developing a SCRM:

1. Executive Summary (Objective of your SCRM).

2. Identify critical suppliers.

3. Identity supply chain risks to your critical assets.

4. Implement supplier diversity.

5. Develop a vendor attestation process.

6. Develop a continency plan.

7. Train your employees.

8. Continuously monitor and improve.

The full guide and additional information can be found here.

Published Date

October 31, 2023


Cyber Security, Design Build, Education, Employee Safety, Sustainability, Technology


United States


Controlled Environment Building, GCCA Transportation, GCCA Warehouse, Global Cold Chain Foundation