Eleos | Home

Supply Chain Risk Management (SR)

Notification Agreements

Level N/A

Establish agreements and procedures with entities involved in the supply chain for the system, system component, or system service for the [Selection (one or more): notification of supply chain compromises; results of assessments or audits; [Assignment: organization-defined information]].

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-8

Related

Compliance Framework

CCM v4.0.10

Secure Controls Framework 2023.4

Control Number

DSP-18

STA-09

TPM-05.1

Solutions
Community

Supply Chain Risk Management (SR)

Tamper Resistance and Detection

Level N/A

Implement a tamper protection program for the system, system component, or system service.

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-9

Related

Compliance Framework

CCM v4.0.10

Secure Controls Framework 2023.4

Control Number

AIS-06

STA-14

AST-15

Solutions
Community

Supply Chain Risk Management (SR)

Tamper Resistance and Detection | Multiple Stages of System Development Life Cycle

Level N/A

Employ anti-tamper technologies, tools, and techniques throughout the system development life cycle.

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-9(1)

Related

Compliance Framework

CCM v4.0.10

Secure Controls Framework 2023.4

Control Number

AIS-06

STA-14

AST-15

Solutions
Community

Supply Chain Risk Management (SR)

Inspection of Systems or Components

Level N/A

Inspect the following systems or system components [Selection (one or more): at random; at [Assignment: organization-defined frequency], upon [Assignment: organization-defined indications of need for inspection]] to detect tampering: [Assignment: organization-defined systems or system components].

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-10

Related

Compliance Framework

Secure Controls Framework 2023.4

Control Number

AST-15.1

TDA-11

Solutions
Community

Supply Chain Risk Management (SR)

Component Authenticity

Level N/A

a. Develop and implement anti-counterfeit policy and procedures that include the means to detect and prevent counterfeit components from entering the system; and b. Report counterfeit system components to [Selection (one or more): source of counterfeit component; [Assignment: organization-defined external reporting organizations]; [Assignment: organization-defined personnel or roles]].

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-11

Related

Compliance Framework

CCM v4.0.10

Secure Controls Framework 2023.4

Control Number

HRS-12

STA-14

TDA-11

Solutions
Community

Supply Chain Risk Management (SR)

Component Authenticity | Anti-counterfeit Training

Level N/A

Train [Assignment: organization-defined personnel or roles] to detect counterfeit system components (including hardware, software, and firmware).

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-11(1)

Related

Compliance Framework

CCM v4.0.10

Secure Controls Framework 2023.4

Control Number

HRS-12

STA-14

TDA-11.1

Solutions
Community

Supply Chain Risk Management (SR)

Component Authenticity | Configuration Control for Component Service and Repair

Level N/A

Maintain configuration control over the following system components awaiting service or repair and serviced or repaired components awaiting return to service: [Assignment: organization-defined system components].

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-11(2)

Related

Compliance Framework

Secure Controls Framework 2023.4

Control Number

MNT-07

Solutions
Community

Supply Chain Risk Management (SR)

Component Authenticity | Anti-counterfeit Scanning

Level N/A

Scan for counterfeit system components [Assignment: organization-defined frequency].

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-11(3)

Related

Compliance Framework

CCM v4.0.10

Secure Controls Framework 2023.4

Control Number

STA-14

TDA-11

Solutions
Community

Supply Chain Risk Management (SR)

Component Disposal

Level N/A

Dispose of [Assignment: organization-defined data, documentation, tools, or system components] using the following techniques and methods: [Assignment: organization-defined techniques and methods].

Parent

Compliance Framework

NIST 800-53 Rev 5

Control Number

SR-12

Related

Compliance Framework

Secure Controls Framework 2023.4

Control Number

AST-09

TDA-11.2

Solutions
Community

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Supply Chain Risk Management (SR)

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Organization Passcode

Only share this code with people you trust. Users will become a member of your organization and view your SSP and reports.