← NIST CSF 2.0 in plain English

GV.SC-10

Govern / Cybersecurity Supply Chain Risk Management

Cybersecurity supply chain risk management plans include provisions for activities that occur after the conclusion of a partnership or service agreement.

Think of it likeCollecting the spare key and changing the alarm code after a contractor finishes working at your house.

In plain English

When a service provider's job is done, the family makes sure to take back any keys, remove their access, and settle anything left over from the arrangement.