CMMC Update

Get instant access

CMMC References

The CMMC Program Proposed Final Rule (published 2023-12-26)
https://www.federalregister.gov/documents/2023/12/26/2023-27280/cybersecurity-maturity-model-certification-cmmc-program

CMMC v2.11 Scoping Guides, Assessment Guides and other supplemental documents
https://www.regulations.gov/docket/DOD-2023-OS-0096/document

Memo: FEDRAMP Equivalency for Cloud Service Providers
https://dodcio.defense.gov/Portals/0/Documents/Library/FEDRAMP-EquivalencyCloudServiceProviders.pdf

FAR 52.204-21 "Basic Safeguarding Rule"
https://www.acquisition.gov/far/52.204-21

DFARS 7012 Clause
https://www.acquisition.gov/dfars/252.204-7012-safeguarding-covered-defense-information-and-cyber-incident-reporting.

The Interim Rule
https://www.govinfo.gov/content/pkg/FR-2020-09-29/pdf/2020-21123.pdf

Supplier Performance Risk System (SPRS)
https://www.sprs.csd.disa.mil/

SPRS Quick Entry Guide for 800-171 self-assessments
https://www.sprs.csd.disa.mil/pdf/NISTSP800-171QuickEntryGuide.pdf

NIST SP 800-171 DoD Assessment Methodology, Version 1.2.1, June 24, 2020
https://www.acq.osd.mil/asda/dpc/cp/cyber/docs/safeguarding/NIST-SP-800-171-Assessment-Methodology-Version-1.2.1-6.24.2020.pdf

NIST SP 800-171A, Assessing Security Requirements for Controlled Unclassified Information
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171a.pdf

NIST SP 800-171 r2
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf

NIST SP 800-171 r3 fpd
https://csrc.nist.gov/pubs/sp/800/171/r3/fpd

CUI SSP Template from NIST
https://csrc.nist.gov/CSRC/media/Publications/sp/800-171/rev-2/final/documents/CUI-SSP-Template-final.docx

CUI POAM Template from NIST
https://csrc.nist.gov/CSRC/media/Publications/sp/800-171/rev-2/final/documents/CUI-Plan-of-Action-Template-final.docx

NIST SP 800-53 r5
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf

CMMC Model, Scoping & Assessment Guides
https://dodcio.defense.gov/CMMC/Documentation/

CMMC Assessment Process (CAP) Pre-Decisional Draft v 1.0
https://cyberab.org/Portals/0/Documents/Process-Documents/CMMC-Assessment-Process-CAP-v1.0.pdf

Cyber AB Marketplace
https://cyberab.org/marketplace/

National Archives CUI Registry
https://www.archives.gov/cui

NIST CSRC Cryptographic Module Validation Program CMVP
https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules

NIST CSRC Glossary of Terms & Definitions
https://csrc.nist.gov/glossary

SP 800-18 Guide for Developing Security Plans for Federal Information Systems
https://csrc.nist.gov/publications/detail/sp/800-18/rev-1/final

Microsoft's Shared Responsibility Model
https://docs.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility/

Amazon Web Services Shared Responsibility Model
https://aws.amazon.com/compliance/shared-responsibility-model/

Google Cloud Platform's Shared Responsibility Model
https://services.google.com/fh/files/misc/gcp_pci_srm__apr_2019.pdf

CISA Insider Threat training resources
https://www.cisa.gov/training-awareness

CDSE's Insider Threat Program
https://www.cdse.edu/Training/Insider-Threat/

US CERT Alerts
https://us-cert.cisa.gov/ncas/alerts

SANS Newsletters
https://www.sans.org/newsletters/?msc=main-nav

InfraGard
https://www.infragard.org/

InfraGard Louisiana Member's Alliance
https://www.infragard-la.org/

TNE. Cybersecurity. Possible.

Speak with an Expert

Contact

The Net Effect, L.L.C.
Post Office Box 885
Mobile, Alabama 36601-0885 (US)
phone: (251) 433-0196
fax: (251) 433-5371
email: sales at theneteffect dot com
Secure Payment Center

The Net Effect, LLC

Copyright 1996-2024 The Net Effect, L.L.C. All rights reserved. Read our privacy policy