← NIST CSF 2.0 in plain English

GV.SC-01

Govern / Cybersecurity Supply Chain Risk Management

A cybersecurity supply chain risk management program, strategy, objectives, policies, and processes are established and agreed to by organizational stakeholders.

Think of it likeSetting up a list of trusted service providers for home repairs.

In plain English

The family agrees on which service providers to trust for repairs and maintenance to ensure the home is well taken care of.