NIST SP 800-171/CMMC 2.0 Self-Assessment Tool Updated to Include Automated FAR and Above and SPRS Scoring, and More

We are excited to announce the release of the new version of our CMMC 2.0/NIST SP 800-171 Self-Assessment Tool. This version includes automated FAR and Above and SPRS scoring and much more!

CUI and Contractor Cybersecurity Obligations Decision Trees

Are you looking for a straightforward way to understand what is/isn’t likely to be Controlled Unclassified Information (“CUI”)? Is your prime/mid-tier contractor asking you for copies of your System Security Plan (“SSP”), Plan of Action and Milestones (“POA&M”), 800-171 assessment results, or other information when you didn’t even realize you needed them? We have added CUI and cybersecurity obligation decision trees to the CMMC Information Institute’s collection of free tools. We are also hosting an event on May 7, 2021 at 11:00 AM to discuss the decision trees and help take the mystery out of CUI.

Updated CMMC Maturity Level 1 Gap Analysis Tool Available

Our CMMC Maturity Level 1 Gap Analysis tool has been updated to include fields for recording Objective Evidence. Objective Evidence is information that demonstrates that your organization has adequately adopted a specific CMMC practice. The Objective Evidence is presented to the CMMC Certified Assessor or Assessment Team during assessment.