NIST SP 800-171 & CMMC Infographics and Whitepapers

The following NIST SP 800-171 & CMMC Infographics and Whitepapers are provided for your organization’s benefit.

NIST SP 800-171 & CMMC Infographics

NIST SP 800-171 & CMMC Whitepapers

  • This As the CMMC Churns dives into understanding the NIST SP 800-171 Security Requirement, 3.10.6 Alternate Work Sites

3.10.6 Alternate Work Sites

April 19th, 2024|

Is your organization struggling to understand how to approach the NIST SP 800-171 3.10.6 Security Requirement for Alternate Work Sites?  What is allowed and what an assessor may be looking for? In this [...]

Requirements have Relationships

March 6th, 2024|

I’ll bet you didn’t know the Security Requirements in NIST SP 800-171 have relationships. We see people just jumping into NIST SP 800-171 compliance helping organizations and even CMMC Certified Assessors failing to [...]

  • Approve. It is the forgotten verb that applies throughout NIST SP 800-171. Draft policies and unapproved configuration settings don't count in a Conformity Assessment. Follow 3.4.3, approve policies, plan, procedures, and your security design documentation.

Approve, the Forgotten Verb

February 25th, 2024|

Did you know one of the most prolific failures for an organization's self-assessments and those seeking certification during a conformity assessment under Cybersecurity is their documentation?  Approvals. For some crazy reason organizations think [...]

  • Is your organization struggling to identify CUI in your environment? This As the CMMC Churns explains the CUI Litmus Test

CUI Litmus Test

July 6th, 2023|

Find out about the CUI Litmus test if your organization struggling to identify CUI in your environment. Does your organization know the key tenets to identify CUI? If not, this [...]

  • In this episode of As the CMMC Churns, we will look at the similarities between Assessors and Toddlers; why you can’t leave either unattended

Assessors and Toddlers

June 28th, 2023|

Is your organization getting ready to undergo a formal Conformity Assessment for NIST SP 800-171?  If so, you need to watch this video!!! You need to understand the similarities between Assessors and Toddlers. With [...]

  • BREAKING NEWS from As the CMMC Churns... There are now 4-Ways to Demonstrate Compliance to NIST SP 800-171 requirements.
  • BREAKING NEWS from As the CMMC Churns... There are now 4-Ways to Demonstrate Compliance to NIST SP 800-171 requirements.

4-Ways to Demonstrate Compliance

May 5th, 2023|

BREAKING NEWS from "As the CMMC Churns"....  There are now 4-Ways to Demonstrate Compliance. The Cyber-AB, with DoD's implicit blessing, is now allowing Authorized C3PAOs to conduct formal NIST SP 800-171 Assessments for [...]

  • Are you Overengineering for CMMC? This As the CMMC Churns looks at Overengineering for CMMC and with a little Jeff Foxworthy along the way.
  • Are you Overengineering for CMMC? This As the CMMC Churns looks at Overengineering for CMMC and with a little Jeff Foxworthy along the way.

Overengineering for CMMC

April 27th, 2023|

Are you Overengineering for CMMC?  Has your business made the implementation of NIST SP 800-171 harder than it needs to be? Are your employees using one device for CUI work and another for [...]

  • VM for Remote Workers underwent a massive shift due to COVID-19 was a massive catalyst to change how the United States and the world operate
  • VM for Remote Workers underwent a massive shift due to COVID-19 was a massive catalyst to change how the United States and the world operate

VM for Remote Workers

April 23rd, 2023|

VM for Remote Workers underwent a massive shift due to COVID-19 that changed how the United States and the world operate. It impacted operations and drove changes under NIST SP 800-171/CMMC for remote [...]

  • There is a lot of CMMC FUD being used to goad Defense Industrial Base (DIB) companies into implementing NIST SP 800-171 and get ready for CMMC
  • There is a lot of CMMC FUD being used to goad Defense Industrial Base (DIB) companies into implementing NIST SP 800-171 and get ready for CMMC

CMMC FUD

April 5th, 2023|

There is a lot of CMMC-related Fear, Uncertainty, and Doubt (FUD) being used to goad Defense Industrial Base (DIB) companies into implementing NIST SP 800-171 and get ready for CMMC. While we are [...]

  • Tips about FIPS Part 2 continues address the most common DIBCAC NOT MET requirement for CMMC and NIST SP 800-171, 3.13.11.
  • Tips about FIPS Part 2 continues address the most common DIBCAC NOT MET requirement for CMMC and NIST SP 800-171, 3.13.11.

Tips about FIPS Part 2

March 31st, 2023|

Has 3.13.11, the use of FIPS-validated encryption, sent your organization through the Seven Stages of CMMC Grief? Does the use of FIPS-validated encryption have you befuddled?  Tips about FIPS Part 2 continues address [...]

  • This is Part 1 on Tips about FIPS to meet CMMC/NIST SP 800-171 3.13.11 Security Requirements.
  • This is Part 1 on Tips about FIPS to meet CMMC/NIST SP 800-171 3.13.11 Security Requirements.

Tips about FIPS Part 1

February 16th, 2023|

Has 3.13.11, the use of FIPS validated encryption, sent your organization through the Seven Stages of CMMC Grief? Does the use of FIPS validated encryption have you befuddled? This is Part 1 on [...]

  • DIBCAC Gaps is about slides about what NIST SP 800-171 requirements were "Other Than Satisfied" by DoD in their non-voluntary assessments.
  • DIBCAC Gaps is about slides about what NIST SP 800-171 requirements were "Other Than Satisfied" by DoD in their non-voluntary assessments.

DIBCAC Gaps

February 9th, 2023|

Did you know the Defense Industrial Based Cybersecurity Assessment Center (DIBCAC) posted slides about what NIST SP 800-171 requirements were "Other Than Satisfied"?  These are the DIBCAC Gaps. In [...]

  • Apple MacOS and CMMC??? This episode of As the CMMC Churns covers the key tools to use to meet NIST SP 800-171 requirements.
  • Apple MacOS and CMMC??? This episode of As the CMMC Churns covers the key tools to use to meet NIST SP 800-171 requirements.

Apple MacOS and CMMC

February 2nd, 2023|

Apple MacOS and CMMC???  Does your business use Apple MacOS devices? Do you also have to implement NIST SP 800-171 and be CMMC accredited? Good news!!! Apple MacOS devices can be setup to fulfill [...]

  • Are looking to understand documenting your scope in your SSP? How does the NIST SP 800-171 Scope of Applicability and CMMC Assessment Scope fit in the SSP?
  • Are looking to understand documenting your scope in your SSP? How does the NIST SP 800-171 Scope of Applicability and CMMC Assessment Scope fit in the SSP?

Documenting Your Scope

January 26th, 2023|

Are looking to understand documenting your scope for your SSP? How does the NIST SP 800-171 Scope of Applicability and CMMC Assessment Scope fit in the SSP? In this At the CMMC Churns, [...]

Key CMMC Sites

Key References

Key Acquisition References

Other Key Sites

Information Security Turnaround Specialists