Requirement for IT supply chain risk assessments is included in bill for Commerce, Justice

FedScoop: An early version of the fiscal 2019 spending bill for many of the government’s law enforcement and science agencies would block them from buying IT systems that have not been evaluated for security vulnerabilities introduced intentionally at some point in their development.

The House Appropriations subcommittee that handles spending for the Department of Commerce, Department of Justice, National Science Foundation and NASA included a provision requiring all four to conduct supply chain risk assessments before acquiring sensitive IT systems. The panel approved the spending bill on Wednesday. It now moves to the full committee.

Read article

Share