From 6bbe70ec972cc85f47256897d64c1a4743a861ea Mon Sep 17 00:00:00 2001 From: Hans Thorhauge Dam Date: Wed, 17 Apr 2024 13:38:41 -0300 Subject: [PATCH 1/2] Add CMMC link reference --- en/0x91-Appendix-B_References.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en/0x91-Appendix-B_References.md b/en/0x91-Appendix-B_References.md index f8f52a2..28ff92c 100644 --- a/en/0x91-Appendix-B_References.md +++ b/en/0x91-Appendix-B_References.md @@ -15,7 +15,7 @@ The following resources may be useful to users and adopters of this standard: ## Others * [InnerSource](https://www.oreilly.com/library/view/adopting-innersource/9781492041863/ch01.html) -* [Cybersecurity Maturity Model Certification (CMMC)](https://www.acq.osd.mil/cmmc/) +* [Cybersecurity Maturity Model Certification (CMMC)](https://dodcio.defense.gov/CMMC/) * [NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf) * [NIST 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161.pdf) * [NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations](https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final) From 38ebde309fc7999aeb95859832cd2e8020755858 Mon Sep 17 00:00:00 2001 From: Hans Thorhauge Dam Date: Wed, 17 Apr 2024 13:39:07 -0300 Subject: [PATCH 2/2] Add EEI link reference --- en/0x91-Appendix-B_References.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en/0x91-Appendix-B_References.md b/en/0x91-Appendix-B_References.md index 28ff92c..1808aa5 100644 --- a/en/0x91-Appendix-B_References.md +++ b/en/0x91-Appendix-B_References.md @@ -20,7 +20,7 @@ The following resources may be useful to users and adopters of this standard: * [NIST 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161.pdf) * [NIST 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations](https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final) * [NTIA Documents on Software Bill of Materials](https://www.ntia.doc.gov/SBOM) -* [Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk](https://www.eei.org/issuesandpolicy/Documents/EEI%20Law%20-%20Model%20Procurement%20Contract%20Language.pdf) +* [Model Procurement Contract Language Addressing Cybersecurity Supply Chain Risk](https://www.eei.org/-/media/Project/EEI/Documents/Issues-and-Policy/Model--Procurement-Contract.pdf) * [Guide on Cybersecurity Procurement Language in Task Order Requests for Proposals for Federal Facilities](https://www.pnnl.gov/main/publications/external/technical_reports/PNNL-28661.pdf) * [Energy Sector Control Systems Working Group (ESCSWG)](https://www.energy.gov/sites/prod/files/2014/04/f15/CybersecProcurementLanguage-EnergyDeliverySystems_040714_fin.pdf)