Skip to main content

For supply chain controls: CSPs can define what systems, components, and services fall under the SCRM (SR-2), but is it the intent of the FedRAMP PMO that this only be focused on the paid-vendor or large components?

Comments

0 comments

Please sign in to leave a comment.