Supply chain security

Effective April 1, 2020


The GTA Enterprise Supply Chain Security Controls Policy (PS-20-002) helps agencies identify, assess, select, and implement supply chain risk management processes and controls.


Risk increases with a lack of visibility across the supply chain, including how the acquired technology is developed, integrated, and deployed. Supply chain risks may include the insertion of counterfeit or malicious hardware and software components, device tampering, data/information theft, and poor manufacturing and development practices. Visibility into practices used to assure the integrity, security, resilience, and quality of the products and services helps reduce these risks.



The state of Georgia will consult the Federal Communications Commission, U.S. Department of Defense, and U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency for supply chain security guidance. Products that are determined to be a threat to national security by these entities will not be permitted for use by Georgia executive branch agencies.