PM-30.1 ยท Suppliers of Critical or Mission-essential Items

Control Description

Identify, prioritize, and assess suppliers of critical or mission-essential technologies, products, and services.

Impact Baselines
Security baselines where this control applies
Not in any baseline
Control Properties
SP800-53-enhancement
organization
Assurance
Enhancement
Control Statement
The control requirements

Identify, prioritize, and assess suppliers of critical or mission-essential technologies, products, and services.

Supplemental Guidance

The identification and prioritization of suppliers of critical or mission-essential technologies, products, and services is paramount to the mission/business success of organizations. The assessment of suppliers is conducted using supplier reviews (see [SR-6](#sr-6) ) and supply chain risk assessment processes (see [RA-3(1)](#ra-3.1) ). An analysis of supply chain risk can help an organization identify systems or components for which additional supply chain risk mitigations are required.

Related NIST Controls
Other NIST 800-53 controls related to this one
RA-03
SR-06