NIST SP 800-171 Revision 2 & CMMC Related Templates
The following templates are provided free, pro bono, no guarantees, and with no support to the Defense Industrial Base (DIB) to support their NIST SP 800-171 implementation, documentation, and preparation activities for a Cybersecurity Maturity Model Certification (CMMC) Conformity Assessment event.
The following documentation does presume the using organization follow a configuration management methodology as described in NIST SP 800-128, Guide for Security-Focused Configuration Management of Information Systems.
If your organization is interested in Peak InfoSec supporting your use of these free NIST SP 800-171 & CMMC templates, please complete the form below.
Policies
Plans
System Security Plan (SSP)
When using the NIST SP 800-171 based free SSP templates below, we really recommend you watch the related As the CMMC Churns videos:
- As the CMMC Churns | Your SSP Sucks, Seriously.: This Churns video explains how you use our SSP templates
- As the CMMC Churns | The Three Types of Evidentiary Objects: This Churns video looks at the three main types of Examination Assess Objects enumerated in NIST SP 800-171A. This video also expounds on part of how to write an effective SSP.
- As the CMMC Churns | Assessors and Toddlers: This explains the Document Traceability Matrix
- As the CMMC Churns | Documenting Your Scope: How to create a scope diagram for your SSP
Social Contact