Develop a strategy to ensure that products, system components, systems, and services of external providers are consistent with the organization’s cybersecurity and supply chain requirements.