On November 2010, President Obama issued Executive Order 13556 that formed the controlled unclassified information (CUI) program. Six years later, the Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 was published, establishing requirements for CUI, making contractor information systems subject to the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations.” This led to the Cybersecurity Maturity Model Certification (CMMC) ecosystem.
This webinar will cover the following CMMC topics:
- The relationship between the Federal Acquisition Regulation and DFARS relating to CUI
- CMMC ecosystem – Cyber AB’s role and purpose supporting CMMC
- The differences between NIST SP 800-171 Rev 2, SP 800-171A, SP 800-172, and SP 800-172A and how the Cyber AB supports the program
- Cyber AB certifications such as: Registered Practitioner (RP), Certified CMMC Professional (CCP), Certified CMMC Assessor (CCA), and the CMMC Third Party Assessment Organization (C3PAO) who certifies the Organizations Seeking Compliance (OSCs) that need to be assessed
- CMMC certification process
- The CMMC Levels 1 & 2 assessment process and the 14 NIST 800-171 Rev 2 controls
- Steps to CMMC readiness and the Supplier Performance Risk System process