CMMC Quarterly Update – December 2022

There’s not much new in the world of CMMC. Joint assessments with C3PAOs and DIBCAC continue, but we all await the final 2.0 rules, which are still expected in the Spring of 2023. In the meantime, don’t stop preparing!  Continue working through your POAMs,...

Read More

CMMC Implementation – Level 2 Security Assessment

Introduction As rapidly changing technologies and vulnerabilities materialize daily, organizations must have a security plan of action and milestones documented. This plan of action and milestones or POAM should be proactively followed by an assessment of the controls...

Read More

CMMC Implementation – Level 2 Risk Assessment

Introduction A Risk assessment is a process of determining how effectively systems meet specific security objectives. A proper risk assessment plan should answer the following fundamental questions: What is the scope of the assessment?Who is authorized to conduct the...

Read More

CMMC Implementation – Level 2 Physical Protection

Introduction Many of the NIST controls deal with the logical aspect of access to organizational systems; however, without appropriate controls in place to protect the physical facilities and equipment, the compromise of information systems and CUI is at great risk....

Read More