Documentation templates which can help create a robust cybersecurity strategy. Useful for CMMC, NIST SP 800-171, and more.
Successful implementations are not measured by scores. The most valuable elements to a successful implementation do not have a weighted value.
With CMMC 2.0, DoD removed process maturity as an assessed requirement. Some commentators are suggesting that NIST 800-171’s “NFO” controls inherently require policies. We explore the requirement in this article.
The Executive Order issued May 12, 2021 on Improving the Nation’s Cybersecurity casts some clouds over the CMMC program. This article provides short-term guidance for defense contractors.