Almost every defense contractor makes one or more of these design errors when they start building their CMMC Level 3 network
Hello all, here is the news from the last few weeks. Not a whole lot going on in public or officially, but it feels like we are getting close to some major milestones. CMMC Town Hall from February https://cmmcab.org/videos/cmmc-town-hall-february-2021/ According Read More
A guided review of DFARS 252.204-7012 covering the topics: What is a covered contractor information system? What is Covered Defense Information?
How to video and training on what a System Security Plan is, what it is used for, and what a high quality one looks like!
CMMC news for February 2021. The CMMC-AB Statement of Work is released. Status of reciprocity for FedRAMP and ISO 27001, CAICO upda…
This Q&A session with Ben Tchoubineh (CMMC-AB Chair, Training Committee) delves deeply into the CAICO and current state of CMMC training
Answers to common questions about how to submit your NIST SP 800-171 self assessment to SPRS. Register an account, how to handle multiple…
This is Part 3 of our CMMC Assessment series with Jeff Dalton (the lead trainer of the CMMC Provisional Assessors). Q&A about assessments!
Second interview with Jeff Dalton (CMMC-AB) about the CMMC assessment process. Topics relevant to every defense contractor, non-technical.
This article gives examples and explanations of how to identify your CMMC scope to an assessor when you are planning…
This article is a deep-dive on CMMC practice SC.1.175 which requires control and monitoring of communications at external boundaries and…
The latest news about CMMC (January 2021). CISA offers free cybersecurity resources. Interviews about CMMC assessments and Q&A. Status of…
Interview with Jeff Dalton (CMMC-AB) about CMMC assessments. Who is authorized to perform assessments? When should you do a pre-assessment? Can you fix issues found during an assessment?
CMMC news for January 5, 2021. C3PAOs need FedRAMP High clouds. Assessment Guides > Appendixes. Congress mandates CMMC assessments against…
This page is an index of LinkedIn discussions and posts about CMMC and 800-171. It will be updated over time with new topics.
This interview with Regan Edens (CMMC-AB Chairman of the Standards Management Committee) clarifies clouds and CMMC, FedRAMP, and DFARS questions for Organizations Seeking Certification (OSCs)
The CMMC Level 3 Assessment Guide is published! Video about how to read and use it. Critical review of the guide by Amira Armond.
Second interview with Jeff Dalton (CMMC-AB) and Amira Armond (CMMCAudit.org) on the topics of C3PAOs, CAs, Instructors, and Ethics
CMMC Registered Practitioner is abbreviated “CMMC RP” The CMMC RP is a person who specializes in helping companies prepare for the CMMC. The CMMC-AB website is the official source of information about the Registered Practitioner Program. CMMC-AB Registered Practitioner Page Read More
Video explanation from the authors of the CMMC Level 1 Assessment Guide (CMU-SE), and review by CMMCaudit.org
This article is an in-depth review of the CMMC Level 2 Requirement RM.2.142 on the topic of vulnerability scanning. I break out frequently asked questions and reference other requirements that are related to vulnerability scanning. This requirement also applies to current DFARS 252.204-7012 and NIST SP 800-171 organizations that hold CUI
Jeff Dalton from the CMMC Accreditation Body Board of Directors was kind enough to provide answers to my burning questions about…
This webinar is a great resource for organizations no matter what CMMC level you expect to need. It is released by Carnegie Mellon University’s Software Engineering Institute. This is the organization that helped the DoD develop the original CMMC model. Read More
Hello all, Lots of different topics in this news article. I hope they help you! – Amira Armond Registered Practitioners and RPOs are official! The CMMC-AB started releasing badges to Registered Practitioners on November 17th. If you are a Registered Read More
CMMC and DFARS compliance is too expensive for small businesses. This article describes “easy button” solutions such as a CMMC MSP, using …
Hello all, Here are the latest third party articles and topics regarding CMMC, DFARS, and NIST 800-171 compliance. Best of luck in your compliance journey! – Amira DFARS 7012 , 7019, 7020 DoD Self Assessments Due This list has some Read More
In-depth article about CMMC basics such as where it came from, what purpose it is trying to achieve, timeframe for rollout, and…
This article gives advice on how a quality cyber-awareness training program helps your organization meet 19+ CMMC practice requirements
This webinar is published by Carnegie Mellon University’s Software Engineering Institute (SEI) – the co-authors of the CMMC Model. Their guidance about the CMMC should be considered authoritative. At CMMC level 2 and above, organizations are expected to have policies Read More
Author: Tom Cornelius| Senior Partner at ComplianceForge | Founder & Contributor at Secure Controls Framework (SCF) Originally published on LinkedIn on October 19, 2020 The concept of creating a “CMMC Kill Chain” started off as a bit of a dare… kind Read More