We are excited to release a discussion draft of our new CUI Recipient Preparedness questionnaire. The questionnaire helps organizations who want to disseminate CUI to others to better achieve 32 CFR 2002’s “reasonable certainty” that an intended recipient can properly handle CUI.
Please help us build a better resource for the community.
Questions, comments, and enhancements to the questionnaire are welcome!
Some DoD contractors are making significant investments to enhance their cybersecurity. This article discusses an approach those contractors can use to help increase the ROI for that work and win more contracts.
DoD published a notice that DFARS 252.204-7024 will soon be published. This new clause requires contracting officers to consider supply chain risk and SPRS-reported risk information, as part of the award decisions. Click through for additional information!
DoD is amending the DFARS to add SPRS score values (rather than simply the submission of a self-assessment score to SPRS) as part of the contract evaluation and award process.
Our automated SPRS and FAR and Above scoring tool has been downloaded over 11,000 times since the first version was released in 2021! We recently updated the tool to version 2023.02a. The changes include a bug fix to the SPRS scoring for 3.13.11, the addition of FAR and Above and SPRS scores to the SSP (more…)
The United States Department of Defense (“DoD”) has begun its “Joint Surveillance Program” in conjunction with the CyberAB, the organization tasked with overseeing the CMMC ecosystem. Under the Joint Surveillance Program, members of DoD’s Defense Industrial Base Cybersecurity Assessment Center (“DIBCAC”) accompany and oversee representatives from CyberAB authorized Certified 3rd Party Assessment Organizations (“C3PAOs”) as (more…)
The CMMC Implementation Conference is being held January 18-20 at the beautiful University of San Diego. Chock full of valuable tips and tools for business owners, service providers, and those charged with implementing the CMMC requirements, CIC2023 is NOT your ordinary CMMC conference. Learn how to Stop Talking. Start Doing. You can even take CCP or (the first ever) CCA training classes before the conference and reinforce your learning at the conference! Register today at https://CIC2023.org
We are excited to announce the release of the new version of our CMMC 2.0/NIST SP 800-171 Self-Assessment Tool. This version includes automated FAR and Above and SPRS scoring and much more!
The FAR and Above Program provides a risk-based, phased approach to achieving the requirements in NIST SP 800-171.
Government representatives have stated that complying with CMMC 2.0 Level 2 shouldn’t cost contractors or the government anything, because contractors have been attesting to the government that they are doing these things for years. This article explores why this is correct only for a small minority (17 out of 110) of the controls in CMMC 2.0 Level 2.
