Ready to use prioritized CMMC requirements, to:
Make sure the Cyber Security Strategy team is responsible for assisting (internal) clients to define their cyber roadmap, assess the maturity of their cyber program, quantify and report on existing cyber risks, implement solutions to govern and manage cyber risk, and transform their cyber program to take advantage of new technologies and business models. .
- What level of maturity will your organization need to be certified to?
- Does your organization anticipate this project will be rolled out in phases or is there a preference to have all functional groups deployed at once?
- Does your organization have a mechanism in place to ensure that the actions of individual system users can be uniquely traced for accountability purposes?
- Has your organization implemented a mechanism to limit information system access to the types of transactions and functions that authorized users are permitted to execute?
- Has your organization implemented a mechanism to limit information system access to authorized users, processes acting on behalf of authorized users, or devices?
- Do you have to implement the same security requirements as your organization who handles a significant amount of CUI?
- Does your organization employ a mechanism to create, protect, and retain information system audit records in compliance with this control requirement?
- Does the system make use of organization assigned accounts for unique access by individuals?
- Has your organization established procedures to perform periodic scans of the information system and real time scans of files from external sources as files are downloaded, opened, or executed?
- Does your organization have a Supply Chain Risk or a Vendor Risk Management Program?
New to Kanban? Read this
Want to reuse this data? Purchase your license here:
One-time payment for perpetual commercial re-use
Questions? Email us HERE