Useful CMMC Links
The following are useful links for more CMMC related knowledge
Department of Defense Procurement Toolbox: Implementing the Cybersecurity Maturity Model Certification (CMMC) Program
CMMC Defense Federal Acquisition Regulation Supplement (DFARS) Proposed Rule: CMMC DFARS Proposed Rule
DFARS Clause 252.204-7012: Safeguarding Covered Defense Information and Cyber Incident Reporting
DFARS Provision 252.204-7019: Notice of NIST SP 800-171 DoD Assessment Requirements
DFARS Clause 252.204-7020: NIST SP 800-171 DoD Assessment Requirements
DFARS Clause 252.204-7021: TBD
NIST SP 800-171 Rev. 2: Protecting CUI in Nonfederal Systems
NIST SP 800-171A: Assessing Security Requirements for Controlled Unclassified Information
NIST SP 800-172: Enhanced Security Requirements for Protecting Controlled Unclassified Information
NIST SP 800-172A: Assessing Enhanced Security Requirements for Controlled Unclassified Information
DoD CUI Program Website: DoD CUI Program
Supplier Performance Risk System (SPRS): SPRS
CMMC Accreditation Body Website: CMMC Accreditation Body
DODI 5200.48 – Controlled Unclassified Information: DODI 5200.48
DODI 5000.90 – Cybersecurity for Acquisition Decision Authorities and Program Managers: DODI 5000.90
Executive Order on Improving the Nation’s Cybersecurity (May 12, 2021): Executive Order
NIST SP 800-53: Security and Privacy Controls for Information Systems and Organizations
NIST Cybersecurity Framework (CSF): NIST Cybersecurity Framework
Cybersecurity & Infrastructure Security Agency (CISA) Resources: CISA Resources
Federal Risk and Authorization Management Program (FedRAMP): FedRAMP
National Defense Industrial Association (NDIA): NDIA Cybersecurity
Defense Acquisition University (DAU): DAU Cybersecurity Courses
CMMC Marketplace: CMMC Marketplace
Cybersecurity and Privacy Reference Tool (CPRT): CPRT