All Resources

The Model

NATF Supplier Cyber Security Assessment Model Overview

Supplier Cyber Security Assessment Model

NATF Cyber Security Criteria for Suppliers

Energy Sector Supply Chain Risk Questionnaire (Unformatted, Formatted)

Resources

Documents

EEI Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk

Entity Guidance on Third-party Assessment Scope; Types of Evidence Supporting Criteria Adherence (under development)

NATF CIP-013-1 Implementation Guidance

NATF Guidance for CIP-010-3 Software Integrity

Presentations

Industry Organizations Aligned Approach for Supply Chain Cyber Security Webinar 02242020 Slides

The Energy Sector Supply Chain Risk Questionnaire Webinar Slides 05192020

Large Entity Use Case Webinar Slides 06022020

Supply Chain sites

Contributing Organizations

Related Government Activity

NERC Supply Chain Risk Mitigation Program Initiatives Webpage

PwC: Are you inundated with vendor management questionnaires? SOC 2 reporting can help