An integral part of NASA’s Office of Cybersecurity Services (OCIO), the Information and Communications (ICT) Supply Chain Risk Management (SCRM) team consists of eight analysts who bring their intelligence, keen insight and roll-up-their-sleeves attitude to work every day to ensure the quality, security, integrity and resilience of all mission-critical systems and components at NASA. The ICT SCRM team conducts supply chain risk assessments on information and communication technology (ICT) products and services acquired by the agency. This includes, but is not limited to, commercial off-the-shelf (COTS) hardware, software and cloud services. A small, but mighty, team, ICT SCRM processes thousands of cyber risk assessment requests per year.
And their consistent near-90% customer satisfaction rating proves that not only does this team do its job—they do it well.
With a visionary civil servant leader at the helm, the ICT SCRM team is always innovating and evolving. From a former university history professor to an app developer for Google, the ICT SCRM team brings varied backgrounds, education and expertise to the table to better protect the agency’s missions by implementing and improving the assessment process. One of team’s most noteworthy accomplishments to date was the transition from its legacy Request for Information Process (RFI) to the new, ServiceNow-based Communications and Technology Supply Chain Request Needed (CATSCAN), which was formally launched in 2021. The team worked diligently to gather and document requirements, perform testing and continues to collaborate with developers to implement improvements to ensure an optimal customer experience.
Since launch, the team has processed more than 6000 CATSCANs.
In April 2022, the team hosted its 2nd Annual Supply Chain Integrity Month event. The theme of this year’s event was “Identifying and Protecting NASA’s Crown Jewels Through Resilient Partnerships” and provided NASA’s IT community a unique opportunity to learn about SCRM related topics and trends from esteemed supply chain risk experts from across NASA, the federal space and industry. As if executing an exceptional event was NASA was not enough of a reason to celebrate, the event was also the first time that the entire team, which is dispersed all over the country, to meet and spend time with each other in person.
Now with a renewed sense of collaboration and commitment, the ICT SCRM team is fueled and ready to make 2022 another banner year for NASA cybersecurity.
