Xacta® Supply Chain Risk Management
Use automation to uncover security gaps in your ICT supply chain and assure your day-to-day business activities.
Supply chain risk management is a major topic of concern for many security and compliance professionals. Managing the risks and vulnerabilities associated with your organization’s information and communications technology (ICT) systems and services is a difficult task, and nearly impossible to manage without automation.
Now, Telos® introduces an Xacta 360 offering that is purpose-built to address this very specific need: Supply Chain Risk Management (SCRM). Xacta SCRM builds upon the information from authoritative supply chain risk management resources, like:
- NIST SP 800-161
- NIST SP 800-171
- NIST SP 800-53 Rev. 5
- NIST SP 800-37 Rev. 2 (RMF)
- NIST Cybersecurity Framework
Automate processes for managing supply chain risks
Conduct supply chain impact assessments
Generate risk treatment plans for each risk element of a given supply chain
Create and maintain a supply chain risk management plan for your organization
Manage multiple supply chains via individual projects and associate them to other supply chains
Support other risk management standards (CMMC, ISO 31000, DFARS)
How does the Xacta SCRM offering work?
As is true with other Xacta 360 offerings for the NIST RMF and FedRAMP, the Xacta 360 SCRM offering works much like tax preparation software, helping the user navigate the end-to-end process.
Users are presented with a series of input screens that collect and organize all of the data needed for the supply chain impact assessment. These screens are organized in a logical manner and prompt the user to answer questions and input the data needed to gain insights into supply chain risks.
The offering generates the required documents (SCRM and risk treatment plans) as a byproduct of the process. You do not have to generate these documents from scratch at the end of the process. The offering does this for you based on your inputs.
Will Xacta SCRM save me time?
Xacta SCRM will save you weeks of time interpreting and implementing the process. Smaller organizations with few cybersecurity and IA resources will realize a dramatic benefit.
The offering will save you days and perhaps weeks of time (depending on the size of your environment) establishing your IT asset and cloud resource inventory.
The offering provides recommended best practices for meeting the required security controls in your environment, which will also save you weeks of time. This content offers you a solid starting point to work from, which you may also choose to use without modification. In either case the time savings are substantial.
The document-generation process is completely automated. Xacta SCRM uses NIST-specified content and format requirements for SCRM and risk treatment plans. The offering generates these documents, based on user data inputs, in accordance with NIST specifications. This function also saves weeks of time.
Use automation to uncover and mitigate security gaps in your ICT supply chain.
Threat-informed risk management and continuous compliance.
Request a Demo
Let us show you Xacta in action.