Lots of useful insights are found in Ireland's Baseline Standards document with regard to supply chain and other areas in need of cybersecurity protections:

Baseline Cyber Security Standards align with the NIST Framework

In order to effectively address the multiple public sector Information and Communications Technology (ICT) challenges and to improve the resilience and security of public sector ICT systems, a series of measures will be set out to develop and deploy a Cyber Security Baseline Standard to be applied to Government ICT systems and services. The recommendation of the Steering Group is that the Cyber Security Baseline Standards would apply to all Public Service Bodies.1 The process for drawing up the standards was managed by a Steering Group with representation from stakeholders in Government Departments and agencies.

All stakeholders, components, and services must be identified, prioritised, and assessed using a cyber supply chain risk assessment process.

Agreements with third parties should include requirements to address the cyber security risks associated with ICT services and the supply chain.

Identifying a Supply Chain Risk Management strategy including priorities, constraints, risk tolerances, and assumptions used to support risk decisions associated with managing supply chain risks.