The Cybersecurity and Infrastructure Security Agency (CISA) has released the latest version of a report from its Information and Communications Technology Supply Chain Risk Management Task Force, adding information on impacts and mitigating controls for threat scenarios provided in the original report published in February 2020. The additional material is included in Appendix C, Threat Scenarios. The objective of the task force’s work is to provide a practical, example-based guidance on supply chain risk management threat analysis and evaluation that can be applied by procurement or source selection officials to assess risks and develop practices and procedures to manage the impact of these threats. Access the report at CISA.