← NIST CSF 2.0 in plain English

GV.SC-06

Govern / Cybersecurity Supply Chain Risk Management

Planning and due diligence are performed to reduce risks before entering into formal supplier or other third-party relationships.

Think of it likeResearching a contractor before hiring them.

In plain English

The family checks references and reviews before hiring someone to work on the house, ensuring they’re trustworthy.