Our automated SPRS and FAR and Above scoring tool has been downloaded over 11,000 times since the first version was (more…)


Our automated SPRS and FAR and Above scoring tool has been downloaded over 11,000 times since the first version was (more…)
The United States Department of Defense (“DoD”) has begun its “Joint Surveillance Program” in conjunction with the CyberAB, the organization (more…)
The CMMC Implementation Conference is being held January 18-20 at the beautiful University of San Diego. Chock full of valuable tips and tools for business owners, service providers, and those charged with implementing the CMMC requirements, CIC2023 is NOT your ordinary CMMC conference. Learn how to Stop Talking. Start Doing. You can even take CCP or (the first ever) CCA training classes before the conference and reinforce your learning at the conference! Register today at https://CIC2023.org
There is a LOT of confusion in the contractor community over whether contractors have the authority to take it upon themselves to mark legacy information (e.g., FOUO, SBU, etc.) or unmarked information as CUI. In this article, we do a quick analysis based on the governing regulation and agency memorandum.
Is a contractor’s system security plan (“SSP”) Controlled Unclassified Information (“CUI”)? The answer depends on who is asking the question.
The DoD Assessment Methodology is a great attempt to create a standardized approach to evaluating contractor cybersecurity programs. However, it (more…)
Deciding when to hire an expert to help with cyber compliance can be daunting. We have updated our Comprehensive NIST SP 800-171 Self-Assessment Tool with DIY/outsource recommendations for each requirement and objective.
Twenty questions service providers should ask their clients before entering into a CMMC engagement.
We are excited to announce the release of the new version of our CMMC 2.0/NIST SP 800-171 Self-Assessment Tool. This version includes automated FAR and Above and SPRS scoring and much more!
The FAR and Above Program provides a risk-based, phased approach to achieving the requirements in NIST SP 800-171.