CCG’s Artificial Intelligent software, CheckMate, is designed to meet, benefit, greatly simplify, and provide an economical cost reduction in the implementation of CMMC Certification pre-assessment and meet compliance requirements.
CheckMate is providing direct requirement coverage through level 5:
- – Vulnerability Scanning
- – Mobile Device Management
- – Log Monitoring SIEM
- – Code Review
- – User access monitoring
- – Threat hunting
The primary goal of Level 1 to 5 is to protect Controlled Unclassified Information (CUI) and reduce the risk of advanced persistent threats (APTs). To pass Level 1 to 5 audit, DoD contractors will need to implement 157 controls.
Here are a few steps an organization can take to prepare for Level 1 to 5 audit:
- – Assess the current posture of your cybersecurity program
- – Map the relationship of your current cybersecurity program to NIST SP 800-171 and the appropriate CMMC controls needed for Level 4 certification
- – Update your System Security Plan (SSP) following the required CMMC controls and NIST SP 800-171
- – Create and update a Plan of Action & Milestones (POA&M) based on deficiencies or issues revealed during the program assessment
Common tasks include:
- – Application Configuration for CMMC Compliance (EX: Microsoft 365)
- – Active Directory and Access Control for CMMC Compliance
- – Auditing and Continuous Monitoring for CMMC Compliance
- – Security Controls and Test Results
- – Artifacts for CMMC Compliance
- – System Security Plan (SSP)
- – Plan of Action and Milestones (POA&M)
