|
control enhancementRA-3(1)
Supply Chain Risk Assessment (RA-3(1))
Assess supply chain risks associated with [organization-defined] ; and Update the supply chain risk assessment [organization-defined] , when there are significant changes to the relevant supply chain, or when changes to the system, environments of operation, or other conditions may necessitate a change in the supply chain.
Security Baselines
LOWMODERATEHIGH
risk-assessmentvulnerabilitythreatenhancement
Why These Connect
Enhances1
These enhancements add specific capabilities or refinements to the base control.
Baselined In3
This control is included in the linked security baseline (LOW, MODERATE, or HIGH).