NIST SP 800-171 can be overwhelming for contractors. In this article, we present a prioritized approach to implementing the 110 controls of 800-171.
Successful implementations are not measured by scores. The most valuable elements to a successful implementation do not have a weighted value.
With CMMC 2.0, DoD removed process maturity as an assessed requirement. Some commentators are suggesting that NIST 800-171’s “NFO” controls inherently require policies. We explore the requirement in this article.
DoD submitted but quickly withdrew an “advanced notice of proposed rulemaking” entitled “Cybersecurity Maturity Model Certification 2.0 Updates and Way Forward”.
We have updated the FAQ to include the latest publicly available list of solicitations which are being considered for/will include (more…)