N
|
controlSR-6

Supplier Assessments and Reviews (SR-6)

Assess and review the supply chain-related risks associated with suppliers or contractors and the system, system component, or system service they provide [organization-defined].

Security Baselines

MODERATEHIGHLOW
supply-chainacquisitionthird-partyrisk

Why These Connect

Baselined In2

This control is included in the linked security baseline (LOW, MODERATE, or HIGH).

Supports26

These related controls work together — a change to one may affect the others.

Enhances1

These enhancements add specific capabilities or refinements to the base control.

Related Controls(13)

AT-3Role-based Training (AT-3)
LMH
CA-7Continuous Monitoring (CA-7)
LMH
CA-8Penetration Testing (CA-8)
H
PE-16Delivery and Removal (PE-16)
LMH
PM-30Supply Chain Risk Management Strategy (PM-30)SA-10Developer Configuration Management (SA-10)
MH
SA-11Developer Testing and Evaluation (SA-11)
MH
SA-15Development Process, Standards, and Tools (SA-15)
MH
SA-21Developer Screening (SA-21)
H
SA-24Design For Cyber Resiliency (SA-24)SI-7Software, Firmware, and Information Integrity (SI-7)
MH
SR-3Supply Chain Controls and Processes (SR-3)
LMH
SR-5Acquisition Strategies, Tools, and Methods (SR-5)
LMH

Control Enhancements(1)

SR-6(1)Testing and Analysis (SR-6(1))

See Also

@SP 800-53 OverviewCompare Baselines