Todd Stanton

October 18, 2024

CMMC

The Go-To CMMC Policy Templates According to NIST

Todd Stanton

October 18, 2024

CMMC

Organizations should identify the roles assigned to each statement within the policy. Mapping policy commitments to requirements and roles creates a shared responsibility matrix.

Todd Stanton

September 27, 2024

CMMC, Compliance

Crosswalking ISO/IEC 27001 to NIST SP 800-171A: A Comprehensive Guide

Todd Stanton

September 27, 2024

CMMC, Compliance

Crosswalking ISO/IEC 27001 to NIST SP 800-171A: A Comprehensive Guide

ISO/IEC 27001 provides a head start to implementing NIST SP 800-171A. This guide crosswalks work done under ISO/IEC 27001 into NIST SP 800-171A. The crosswalk resource enables mapping Annex A controls to NIST assessment objectives..

Todd Stanton

August 1, 2024

CMMC

NIST SP 800-171A Rev 3 Mapping to Rev 2 Assessment Objectives: A Thorough Guide

Todd Stanton

August 1, 2024

CMMC

NIST SP 800-171A Rev 3 Mapping to Rev 2 Assessment Objectives: A Thorough Guide

In May 2024, the NIST published revision 3 of Special Publication (SP) 800-171. Revision 3 supersedes Revision 2 published in early 2020 and updated in early 2021. Let’s breakdown a mapping of this revision to revision 2.

Todd Stanton

April 11, 2024

CMMC

CMMC Level 1 Continuous Monitoring: Everything You Need to Know

Todd Stanton

April 11, 2024

CMMC

Here’s everything you need to know about CMMC Level 1 continuous monitoring.

Maria Mulgrew

March 27, 2024

CMMC

[ANSWERED] Who is Responsible for Protecting CUI?

Maria Mulgrew

March 27, 2024

CMMC

[ANSWERED] Who is Responsible for Protecting CUI?

Having all of these hands on deck now complicates things a bit when it comes to responsibilities and safeguards. So who exactly holds the responsibility for protecting CUI? And how should one go about it? Let’s get into it!

Maria Mulgrew

March 22, 2024

CMMC

Exploring CMMC 2.0 Levels: The Path to Cyber Resilience

Maria Mulgrew

March 22, 2024

CMMC

Today we are going to explore the updated version of CMMC 2.0. Including its different levels, as well as new features and enhancements that help to fortify organizations' cybersecurity structure. Let’s get into it!

Todd Stanton

March 19, 2024

Compliance, CMMC

CMMC Data Flow Diagrams: An Ultimate Guide

Todd Stanton

March 19, 2024

Compliance, CMMC

CMMC Data Flow Diagrams: An Ultimate Guide

This blog focuses on how organizations define those boundaries. We collaborated with KNC Strategic Services (KNCSS), an authorized third party assessor organization (C3PAO). They offered their own take on creating a data flow diagram.

Todd Stanton

November 28, 2023

CMMC, Compliance

NIST SP 800-171 Rev 3 FPD Crosswalk of Assessment Objectives (XLSX Included)

Todd Stanton

November 28, 2023

CMMC, Compliance

NIST SP 800-171 Rev 3 FPD Crosswalk of Assessment Objectives (XLSX Included)

This blog will focus on the following topics; crosswalk methodology, key changes in the update to NIST SP 800-171 Rev 3, organizational defined parameters (ODPs), and applicability.

Todd Stanton

September 21, 2023

CMMC

CMMC GRC Toolset Essentials: A Closer Look

Todd Stanton

September 21, 2023

CMMC

In this post, we take a closer look at how these features create assurance traceability. We’ve also created a virtual demonstration showing our tool handling these requirements.

Todd Stanton

August 22, 2023

Compliance, CMMC

NIST SP 800-171 vs 800-53: Everything You Need to Know

Todd Stanton

August 22, 2023

Compliance, CMMC

NIST SP 800-171 vs 800-53: Everything You Need to Know

The National Institute for Standards and Technology (NIST) publishes pioneering cybersecurity standards. In this blog, we look at two of their well known special publications (SP) and discuss: