The NERC established standard, CIP-013-1 Cyber Security - Supply Chain Risk Management, highlights the critical role of supply chain risk management. It requires Responsible Entities to develop and implement thorough vendor risk management plans and procedures to mitigate cybersecurity risks associated with the supply chain. Complying with the CIP-013-1 Cyber Security - Supply Chain Risk Management regulation requires effective vendor risk management in the energy industry. Learn more.