DFARS and NIST SP 800-171 – DIBCAC Audits – How to Make Getting Through an Audit Easier

Reading Time: < 1 minute In this edition of the On Call Compliance Solutions Compliance Tip of the Week we are talking about NIST SP 800-171 DIBCAC audits – how to make getting through an audit easier. Now look, nobody likes an audit. Let’s get that out of the way now. Even worse, just knowing that the audit is being […]

Why Now Is The Absolute Best Time To Become A Defense Contractor

Reading Time: < 1 minute In this edition of the On Call Compliance Solutions Compliance Tip of the Week, we are talking about Why Now Is The Absolute Best Time To Become A Defense Contractor. Often times our teams are involved in discussions regarding whether a company should proceed to fix their temporary deficiencies and continue doing work in the […]

The CMMC Assessment Process: Get Right With It

Reading Time: < 1 minute So we’ve spent a lot of time talking about this newly released draft CMMC Assessment Process, and we’ve had a lot of fun with the ACRONYM, but let’s take a serious deep dive into the document itself. We now have an idea of the direction of the process. We have insight into what is seemingly […]

CMMC Assessment Process: Limited Deficiency Correction Consideration

Reading Time: < 1 minute In this edition of the On Call Compliance Solutions Compliance Tip of the Week, we discuss the newly released draft CMMC Assessment Process, or CAP for short. One of the more important aspects of the CAP is that you will get a chance to remediate some of the deficiencies that an assessor might find during […]

CMMC Assessment Process and POAMs

Reading Time: < 1 minute In this edition of the On Call Compliance Solutions Compliance Tip of the Week, we discuss the recently released DRAFT document from The CYBER AB concerning the CMMC Assessment Process (CAP) and POAMs (Plans of Action with Milestones).

NIST SP 800-171 Audit Logs and SEIM

Reading Time: < 1 minute In this edition of the On Call Compliance Solutions Compliance Tip of the Week, we are talking about what’s up with all of these weird controls in NIST SP 800-171 requiring you to review and audit logs from the systems that may contain secure information. Let’s look at Control 3.3.1 – Create and retain system […]

NIST SP 800-171 and the System Security Plan

Reading Time: < 1 minute In this edition of the On Call Compliance Solutions Compliance Tip of the Week, we are talking about a word that is often very misunderstood when it comes to NIST SP 800-171 and its System Security Plan. You see often times we get calls from clients who are frantically trying to implement solutions prior to […]

Cyber AB CMMC Assessment Process: Test and Analyze

Reading Time: < 1 minute The Cyber AB recently released its DRAFT CMMC Assessment Process (CAP) document. As part of the CMMC Assessment Process, the Assessment Team will be conducting live tests or demonstrations to provide detailed operational insight into the effectiveness of the CMMC practices implemented in your system, including an understanding of how those practices are executed or […]

Enduring Exceptions

Reading Time: < 1 minute So, as the CYBER AB has now revealed its CMMC Assessment Process it begs the question: What about Enduring Exceptions? Nothing mentioned. Nothing revealed. So, what’s the deal?

Cyber AB CMMC Assessment Process: Conduct Interviews and Assess Responses

Reading Time: < 1 minute The Cyber AB recently released its DRAFT CMMC Assessment Process (CAP) document. In this video, we focus on Phase 2 and the assessment methods of conducting interviews. The Cyber AB stresses in the CAP that interviews are an effective means to glean insight into the CMMC conformance of an organization seeking certification, including an understanding […]