CMMC Preparation
What is CMMC?
Cybersecurity Maturity Model Certification
The Cybersecurity Maturity Model Certification (CMMC) program is aligned to DoD’s information security requirements for DIB partners. It is designed to enforce protection of sensitive unclassified information that is shared by the Department with its contractors and subcontractors. The program provides the Department increased assurance that contractors and subcontractors are meeting the cybersecurity requirements that apply to acquisition programs and systems that process controlled unclassified information.
The CMMC 2.0 program has three key features:
- Tiered Model: CMMC requires that companies entrusted with national security information implement cybersecurity standards at progressively advanced levels, depending on the type and sensitivity of the information. The program also sets forward the process for requiring protection of information that is flowed down to subcontractors.
- Assessment Requirement: CMMC assessments allow the Department to verify the implementation of clear cybersecurity standards.
- Implementation through Contracts: Once CMMC is fully implemented, certain DoD contractors that handle sensitive unclassified DoD information will be required to achieve a particular CMMC level as a condition of contract award.
CMMC Preparation
Critical Fault ensures that necessary security controls are integrated into the design and implementation of an organization’s security posture, adequate to be able to pass a CMMC assessment.
A properly completed CMMC Preparation should provide documentation outlining any security gaps between certification requirements and existing corporate security policies and practices. The Preparation will include remediation steps if an organization’s security gaps would prevent it from working with the government.
Document Review
Examining any current or previous documents can greatly help in the risk assessment process.
Helpful documentation includes:
- Previous risk assessments or audits
- Previous risk registers or control catalogs
- Previous penetration security assessments
- Business Impact Analysis
- Network Diagram
- Dataflow Diagram
Physical Security Assessment
Critical Fault will conduct a physical security assessment of business facilities and locations (site visits).
Areas of Focus:
- Access Control
- Social Engineering
- Fire Access Control
- Motion Detectors
- Video Cameras
Digital Security Assessment
Critical Fault will schedule several interviews with personnel.
Interview Topics include:
- Access Control
- Identification and Authentication
- Audit & Accountability
- Monitoring
- Backups & Testing
- Configuration Management
- Physical Security
- Vulnerability Management
- Contingency Planning
- Incident Response
- And more…
Deliverables
- Document Review
- Physical Security Assessment
- Digital Security Assessment
- Technical Interviews
- Executive Reports
- Technical Report
- Risk Register
- Control Catalog
Risk Rankings
Allows your organization to prioritize the most severe risks first, reducing your risk of a serious data breach.
Maturity Assessment and Goals
Get an in-depth look at your current cybersecurity maturity. Create maturity goals and document your progression towards those goals.
Feedback on existing controls/risks
Discover the effectiveness of your existing security controls and identify risks that need remediation.
Develop Remediation Strategies
Develop strategies to fix any vulnerabilities or indicators of compromise to prevent future security incidents from occurring.
Control Enhancement and Risk Reduction
Strengthen your organization’s security controls and reduce your existing risks by performing regular risk assessments and acting upon the remediation strategies indicated in the reports.
Copyright 2024 - Critical Fault, LLC. | Privacy Policy