In NIST SP 800-53, the SR control family is "Supply Chain Risk Management." It covers how organizations manage cybersecurity and integrity risks arising from suppliers, integrators, and service providers. In industrial and regulated plants, SR controls affect vendor selection, contracting, system procurement, and how OT/IT assets are introduced and maintained. Effective use requires alignment with existing procurement, engineering change, validation, and quality processes and cannot be treated as a standalone IT checklist.