As a new initiative of the U.S. Department of Defense (DoD), Cybersecurity Maturity Model Certification (CMMC) is designed to enforce and maintain contractor and subcontractor cybersecurity compliance across the federal defense industrial base. CMMC requires that any commercial organization doing business with the DoD be certified by a third-party CMMC assessor to validate that they meet the appropriate CMMC specifications.
To help our customers prepare for CMMC certification, we are pleased to introduce the new Archer CMMC Management use case. It enables Archer customers to identify, document, and manage the appropriate CMMC practices and processes required for improved cybersecurity hygiene for storage and management of Federal Contract Information and Controlled Unclassified Information. Archer CMMC Management alleviates many of the challenges of scoping and engaging in preparatory pre-assessment work.
Archer CMMC Management focuses on pre-assessment activities such as defining scoped boundaries, system components, policies, and procedures; allocating the appropriate level of assessment processes, assessment practices, and assessment objectives across the different components of the system; identifying deficiencies, remediating POA&Ms; and creating the appropriate system security plan (SSP) documentation.
Does your organization work with the U.S. DoD? Contact us to find out how Archer CMMC Management can help you manage CMMC requirements.