>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

16.4Establish and Manage an Inventory of Third-Party Software Components

IG2
IG3
Software
Identify

>Control Description

Establish and manage an updated inventory of third-party components used in development, often referred to as a “bill of materials,” as well as components slated for future use. This inventory is to include any risks that each third-party component could pose. Evaluate the list at least monthly to identify any changes or updates to these components, and validate that the component is still supported.

>Cross-Framework Mappings

SCF

TDA-02
Compare
TDA-02.1
Compare
TDA-02.5
Compare
TDA-04.2
Compare

>Relevant Technologies

Technology-specific guidance with authoritative sources and verification commands.

GitHub ActionsSnykSonarQube

Ask AI

Configure your API key to use AI features.