Home / DHS / OMB Releases Interim Rule to Address IT Supply Chain Security Risks

OMB Releases Interim Rule to Address IT Supply Chain Security Risks

The Office of Management and Budget (OMB) has issued an interim final rule detailing how the Federal Acquisition Security Council (FASC) will evaluate threat information and recommend issuance of orders to remove or exclude certain products from future procurements or information systems as part of efforts to protect the information and communications technology and services supply chain.

The interim rule directs the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) to serve as FASC’s information sharing agency, which will help facilitate the operations of a task force for supply chain risk management (SCRM) and standardize procedures for disseminating supply chain data.

OMB said the SCRM task force will be composed of technical experts who will help the council carry out risk assessment, risk analysis and data sharing functions.

According to the document, FASC is an interagency council led by a senior-level OMB official and includes representatives from the departments of Defense (DoD), Homeland Security (DHS), Commerce (DOC), Justice (DOJ), Office of the Director of National Intelligence (ODNI) and the General Services Administration (GSA).

The interim final rule is slated for publication in the Federal Register Tuesday and will be open for public comments in the next 60 days.

You may also be interested in...

CISA Issues Telework Security Toolkit

The Cybersecurity and Infrastructure Security Agency (CISA) has released a toolkit to help agencies, information technology teams and teleworking personnel ensure the security of systems and data amid remote work settings. In addition, CISA recommends that agencies establish a “cyber secure, hybrid culture” for remote work and enact policies that focus on human behavior and cyber hygiene basics.