Did you know there are three general types of Examination Assessment Objects in NIST SP 800-171A?
Well, we looked at all 879 listed Examination Assessment Objects in 171A and realized there are three main types. There is also a whole lot of expected redundancy as Examination Assessment Objects get copied from one Security Requirement to another.
This is why you see the Count from Sesame Street. We needed his advanced mathematical skills to help us with counting between the 879 objects in play.
This Churns episode does expand on our previous one, “Your SSP Sucks, Seriously” (c.f., http://peakinfosec.com/information-security/as-the-cmmc-churns-your-ssp-sucks-seriously/) and explains how we can up with the Supporting Artifacts listed in our template and how you should categorize your objects.
============================================================
Peak InfoSec Homepage: http://peakinfosec.com
As the CMMC Churns Episodes: http://peakinfosec.com/as-the-cmmc-churns/
Contact Peak InfoSec for Support: http://peakinfosec.com/contact/
Email: [email protected]
============================================================
Social Contact