An official website of the State of Georgia.
How you know
The GTA Enterprise Supply Chain Security Controls Policy (PS-20-002) helps agencies identify, assess, select, and implement supply chain risk management processes and controls.
Risk increases with a lack of visibility across the supply chain, including how the acquired technology is developed, integrated, and deployed. Supply chain risks may include the insertion of counterfeit or malicious hardware and software components, device tampering, data/information theft, and poor manufacturing and development practices. Visibility into practices used to assure the integrity, security, resilience, and quality of the products and services helps reduce these risks.
GTA uses varied and standardized practices that make it easier to consistently measure and manage IT supply chain risks across different integrators, suppliers, and external service providers. Additional guidance on supply chain security controls is included in the resources listed below.
Supply chain security controls guidance
The state of Georgia will consult the Federal Communications Commission, U.S. Department of Defense, and U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency for supply chain security guidance. Products that are determined to be a threat to national security by these entities will not be permitted for use by Georgia executive branch agencies.
This page will continue to be updated as third-party IT vendors and products are disapproved. The vendors and products below have been determined to be a threat to national security and will not be permitted for use by Georgia executive branch agencies.
Disapproved IT third-party vendors or products
