This paper intends to examine the information security risks innate to the public sector IT supply chain for software and hardware, and their effect on the integrity and availability of federal IT systems and data. It will also enumerate the various standards and impending bills governing the security of the public-sector supply chain.