Are you looking for a straightforward way to understand what is/isn’t likely to be Controlled Unclassified Information (“CUI”)? Is your prime/mid-tier contractor asking you for copies of your System Security Plan (“SSP”), Plan of Action and Milestones (“POA&M”), 800-171 assessment results, or other information when you didn’t even realize you needed them? We have added CUI and cybersecurity obligation decision trees to the CMMC Information Institute’s collection of free tools. We are also hosting an event on May 7, 2021 at 11:00 AM to discuss the decision trees and help take the mystery out of CUI.
Our free Maturity Level 1 Gap Assessment tool has been overhauled, and now includes the requirements for Maturity Levels 1-3 (more…)
The Whitehouse recently issued several Executive Orders which ban certain software, hardware, and services from use by the US Government (more…)
Sometimes simple tools can make implementing a structured cybersecurity program more straightforward. We have created equipment labels, that you can create using Avery 5160 labels, which mark equipment with CUI and FCI.
If you have been following CMMC closely, you already know your organization should begin preparing for its CMMC certification now (more…)