PF 2021-36 Chief Information Officer’s Supply Chain Risk Management Program

DATE: September 1, 2021

Chief Information Officer’s Supply Chain Risk Management Program

TO: HCAs/Procurement Directors/Contracting Officers FROM: Director, Contract and Financial Assistance Policy Division, Office of Policy, Office of Acquisition Management

Policy Flash 2021 – 36 provides this Acquisition Letter (AL) AL-2021– 06 to provide guidance to DOE/NNSA Contracting Officer’s (COs) on the use of the Chief Information Officer’s (CIO) Supply Chain Risk Management Program (OCIO SCRM Program) in conducting Supply Chain Risk Management (SCRM) for Information and Communication Technology (ICT) related procurements. The OCIO SCRM Program is one aspect of an overall SCRM program intended to support the CO in their responsibility not to procure ICT end items determined to have an unacceptable risk to DOE/NNSA.

For DOE questions concerning this policy flash, please email: DOE_oapmpolicy@hq.doe.gov

For NNSA questions concerning this policy flash, please contact Ariane S. Kaminsky, Ariane.Kaminsky@nnsa.doe.gov and Drake Russell, Drake.Russell@nnsa.doe.gov