From securityboulevard.com
So, if you haven’t heard or if you are not familiar with the cybersecurity maturity model certification (CMMC), don’t worry about it, we are here to explain it all to you.
The CMMC is a certification procedure developed by the Department of Defense (DoD) to certify contractors have the controls to protect sensitive data including Federal Contract Information and Controlled Unclassified Information (CUI). The CMMC Model is based on the best-practices of different cybersecurity standards including NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 27032, AIA NAS9933 and others into one cohesive standard for cybersecurity. The Domains have seventeen (17) sections listed below:
- Access Control
- Asset Management
- Audit and Accountability
- Awareness and Training
- Configuration Management
- Identification and Authentication
- Incident Response
- Maintenance
- Media Protection
- Personnel Security
- Physical Security
- Recovery
- Risk Management
- Security Assessment
- Situational Awareness
- Systems and Communications Protection
- System and Information Integrity