SP 800-161 Rev 1, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

This may include the vulnerability scan report, penetration testing results, and audit results. Moreover, teams document risk-related decisions, including risks taken and the ratio