← NIST CSF 2.0 in plain English

GV.SC-05

Govern / Cybersecurity Supply Chain Risk Management

Requirements to address cybersecurity risks in supply chains are established, prioritized, and integrated into contracts and other types of agreements with suppliers and other relevant third parties.

Think of it likeSetting expectations with a contractor before starting home renovations.

In plain English

The family agrees on what they expect from a contractor before work begins, like making sure they follow safety protocols.