NIST SP 800-171/CMMC 2.0 Self-Assessment Tool Updated to Include Automated FAR and Above and SPRS Scoring, and More

We are excited to announce the release of the new version of our CMMC 2.0/NIST SP 800-171 Self-Assessment Tool. This version includes automated FAR and Above and SPRS scoring and much more!

CUI and Contractor Cybersecurity Obligations Decision Trees

Are you looking for a straightforward way to understand what is/isn’t likely to be Controlled Unclassified Information (“CUI”)? Is your prime/mid-tier contractor asking you for copies of your System Security Plan (“SSP”), Plan of Action and Milestones (“POA&M”), 800-171 assessment results, or other information when you didn’t even realize you needed them? We have added CUI and cybersecurity obligation decision trees to the CMMC Information Institute’s collection of free tools. We are also hosting an event on May 7, 2021 at 11:00 AM to discuss the decision trees and help take the mystery out of CUI.

Gap Assessment Tool Updated

Our free Maturity Level 1 Gap Assessment tool has been overhauled, and now includes the requirements for Maturity Levels 1-3 as per the CMMC Level 3 Assessment Guide. You can download a copy of our tool from our tools page.

List of Hardware, Software, and Services Banned by US Government

The Whitehouse recently issued several Executive Orders which ban certain software, hardware, and services from use by the US Government and its contractors. In addition, the National Defense Authorization Act of 2019 banned hardware manufactured by certain companies. The information is spread across multiple sources, including: Source Link Executive Order 13873 Executive Order on Securing (more…)

The CMMC Assessment Lifecycle Step 1: Selecting Your Desired CMMC Maturity Level

If you have been following CMMC closely, you already know your organization should begin preparing for its CMMC certification now even though CMMC certifications won’t be required in more than a handful of contracts until at least FY2023. By starting early, your organization can build any costs and business changes into your operational plans and (more…)