P-SSCRM Assessments

While working with the nine organizations described in Establishing a Baseline of Software Supply Chain Security Task Adoption by Software Organizations we applied an interview protocol based on the P-SSCRM practices and controls that yielded actionable qualitative data about each organization’s software supply chain risk management framework.

You can conduct an informal assessment of your software supply chain risk management framework by reading the questions associated with each control and working with your team to answer them.

If you would like a formal assessment, please reach out to us.