The push for supply chain risk management standards is growing across the government. The Defense Department’s Cybersecurity Maturity Model Certification (CMMC) requirements that are under review may get most of the attention, but the National Institute of Standards and Technology, the ISO certification organization and several other efforts also are out there muddying the supply chain waters.
To help add some clarity to this growing body of water, NASA SEWP partnered with experts to compare the NIST and ISO standards.
Joanne Woytek, the program director for NASA SEWP, said this crosswalk effort will help agencies and vendors alike to have confidence in the technology products and services they are buying.