This regulation assigns responsibilities and prescribes policies for developing plans to protect critical program information, conducting supply-chain risk management, and performing damage assessment activities resulting from a compromise of unclassified program information. It provides a disciplined approach for managing the …Read More