NIST SP 800-171 can be overwhelming for contractors. In this article, we present a prioritized approach to implementing the 110 controls of 800-171.
The US Department of Defense published the Level 1 Self-Assessment Guide for CMMC 2.0 on 13-DEC-2021.
The US Department of Defense updated their main website (OUSD A&S – Cybersecurity Maturity Model Certification (CMMC) (osd.mil)) to include (more…)
Successful implementations are not measured by scores. The most valuable elements to a successful implementation do not have a weighted value.
With CMMC 2.0, DoD removed process maturity as an assessed requirement. Some commentators are suggesting that NIST 800-171’s “NFO” controls inherently require policies. We explore the requirement in this article.