The Defense Intelligence Agency (DIA) Threat Assessment Reports provide specific and timely threat characterization of an identified suppliers to the Program Manager (PM) and Program Management Office (PMO). They are used to assist in selecting the supplier and/or architecture alternatives and developing appropriate mitigations for supply chain risks. 
Website: Defense Intelligence Agency (DIA)
Supplier threat assessment requests are submitted to DIA and developed based on a criticality analysis. An annotated Work Breakdown Structure (WBS) that identifies the suppliers of the critical functions components may be used to assist with the creation of the TAC requests. Supplier threat assessment requests may be submitted as soon as sources of critical capability are identifiable. Near the end of the Materiel Solution Analysis (MSA) Phase, as some threat information is available from the Capstone Threat Assessment (CTA), identified technologies and potential suppliers, Supply Chain Risk Management (SCRM) Threat Assessments may be used to assist in defining lowest risk architectures, based on suppliers for particular architecture alternatives. 
Early in the system life-cycle the threat requests may be more focused on suppliers in general technology areas to inform architecture choices Later in the system life-cycle they may be more focused on critical components defined in the criticality analysis. 
For the policy and procedures regarding the request, receipts, and handling of TAC reports, refer to DoD Instruction O-5240.24 (Controlled Document).
AcqLinks and References: