CMMC Preparation

What is CMMC?

Cybersecurity Maturity Model Certification

The Cybersecurity Maturity Model Certification (CMMC) program is aligned to DoD’s information security requirements for DIB partners. It is designed to enforce protection of sensitive unclassified information that is shared by the Department with its contractors and subcontractors. The program provides the Department increased assurance that contractors and subcontractors are meeting the cybersecurity requirements that apply to acquisition programs and systems that process controlled unclassified information.

The CMMC 2.0 program has three key features:

  • Tiered Model: CMMC requires that companies entrusted with national security information implement cybersecurity standards at progressively advanced levels, depending on the type and sensitivity of the information. The program also sets forward the process for requiring protection of information that is flowed down to subcontractors.
  • Assessment Requirement: CMMC assessments allow the Department to verify the implementation of clear cybersecurity standards.
  • Implementation through Contracts: Once CMMC is fully implemented, certain DoD contractors that handle sensitive unclassified DoD information will be required to achieve a particular CMMC level as a condition of contract award.

CMMC Preparation

Benefits

Preparation

Critical Fault ensures that the necessary security controls are integrated into the design and implementation of an organization’s security posture, so that it is adequate to pass a CMMC assessment.

A properly completed CMMC Preparation should provide documentation outlining any security gaps between certification requirements and existing corporate security policies and practices. The Preparation will include remediation steps if an organization’s security gaps would prevent it from working with the government.

Document Review

Examining any current or previous documents can greatly help in the risk assessment process.

Helpful documentation includes:

  • Previous risk assessments or audits
  • Previous risk registers or control catalogs
  • Previous penetration security assessments
  • Business Impact Analysis
  • Network Diagram
  • Dataflow Diagram

Physical Security Assessment

Critical Fault will conduct a physical security assessment of business facilities and locations (site visits).

Areas of Focus:

  • Access Control
  • Social Engineering
  • Fire Access Control
  • Motion Detectors
  • Video Cameras

Digital Security Assessment

Critical Fault will schedule several interviews with personnel.

Interview Topics include:

  • Access Control
  • Identification and Authentication
  • Audit & Accountability
  • Monitoring
  • Backups & Testing
  • Configuration Management
  • Physical Security
  • Vulnerability Management
  • Contingency Planning
  • Incident Response
  • And more…

Deliverables

  • Document Review
  • Physical Security Assessment
  • Digital Security Assessment
  • Technical Interviews
  • Executive Reports
  • Technical Report
  • Risk Register
  • Control Catalog

Risk Rankings

Allows your organization to prioritize the most severe risks first, reducing your risk of a serious data breach.

Maturity Assessment and Goals

Get an in-depth look at your current cybersecurity maturity. Create maturity goals and document your progression towards those goals.

Feedback on existing controls/risks

Discover the effectiveness of your existing security controls and identify risks that need remediation.

Develop Remediation Strategies

Develop strategies to fix any vulnerabilities or indicators of compromise to prevent future security incidents from occurring.

Control Enhancement and Risk Reduction

Strengthen your organization’s security controls and reduce your existing risks by performing regular risk assessments and acting upon the remediation strategies indicated in the reports.


Copyright 2024 - Critical Fault, LLC.