Health Care Quality Digest

[ANSWERED] Who is Responsible for Protecting CUI?

Etactics

MARCH 27, 2024

Controlled Unclassified Information (CUI) is a category of such important data. The Policies Importance of Compliance Training How does CUI relate to CMMC? A good example of this is through the Cybersecurity Maturity Model Certification (CMMC) program. How does CUI relate to CMMC? And how should one go about it?

Regulations

Regulations Integration

CMMC Data Flow Diagrams: An Ultimate Guide

Etactics

MARCH 19, 2024

The Cybersecurity Maturity Model Certification (CMMC) program protects federal information from unauthorized disclosure. This blog focuses on how organizations define those boundaries. How do you define a CMMC Level 1 authorization boundary? How do you define a CMMC Level 2 authorization boundary?

NIST SP 800-171 Rev 3 FPD Crosswalk of Assessment Objectives (XLSX Included)

Etactics

NOVEMBER 28, 2023

This blog will focus on the following topics: Crosswalk methodology Key changes in the update Organizational Defined Parameters (ODPs) Applicability We’ve created a free Rev 3 Crosswalk Calculator. Technology-specific) Image Source: NIST SP 800-171r3 initial public draft The FPD introduced a new tailoring category called ORC.

Regulations

Regulations Accountability

The Ultimate CMMC Scoping Guide: A Matrix for Every Level

Etactics

NOVEMBER 1, 2022

Scoping is often overlooked when preparing for a cybersecurity maturity model certification (CMMC). The purpose of this blog is to provide a resource that documents how to tailor the 320 objectives within NIST SP 800-171A to the CMMC scope. Image Source: CMMC Self-Assessment Scope Level 2. This statement isn’t definitive.

Regulations

CMMC-AB May Town Hall: Key Takeaways

Etactics

JUNE 28, 2022

May’s CMMC-AB Town Hall marked the end of an era. There will be no more CMMC-AB Town Halls discussing what the accreditation body is doing to prepare the ecosystem of consultants, educators and assessors for the upcoming final CMMC rule. That’s because, in May’s Town Hall, the CMMC-AB announced their rebranding to The Cyber AB.

Integration

CMMC Training: Everything You Need to Know

Etactics

AUGUST 31, 2021

Table of Contents Individuals Performing Services (IPS) Training Registered Practitioner (RP) Training Registered Provider Organization (RPO) Training Certified Third-Party Assessor Organization (C3PAO) Training CMMC Professionals (CCPs) and CMMC Assessors (CCAs) CMMC Provisional Assessor Training Conclusion.

An In-Depth Look Into CMMC Level 3 Requirements

Etactics

AUGUST 10, 2021

Of course, what I’m referring to is the upcoming enforcement of the Cybersecurity Maturity Model Certification (CMMC). If you have any existing contracts with the DoD, you’ve probably heard the acronym “CMMC” whispered throughout your office, fueled by a general sense of fear. Maybe that’s what ultimately led you to this blog post.

Regulations

CMMC-AB November 30 Town Hall: Key Takeaways and Unanswered Questions

Etactics

DECEMBER 9, 2021

Table of Contents Town Hall Overview Credits for Exam Vouchers C3PAO Assessment Vouchers Renewals On Proposed Changes in CMMC 2.0 Concerns of CMMC 2.0 Benefits of CMMC 2.0 Town Hall Overview On November 30, 2021, the CMMC-AB held a scheduled Town Hall meeting to update the CMMC Ecosystem and defense industrial base (DIB).

Accountability

Accountability Integration

Everything You Need to Know About CUI Designations

Etactics

OCTOBER 28, 2021

As organizations prepare for CMMC, the first question they need to answer is what controlled unclassified information (CUI) they have. This blog takes a closer look at the regulations, manuals, policies, and instructions guiding CUI designation. There are 125 categories broken down into 20 organization index groupings.

Regulations

Regulations Prevention

NIST SP 800-171 vs 800-53: Everything You Need to Know

Etactics

AUGUST 22, 2023

In this blog, we look at two of their well known special publications (SP) and discuss: How to derive CMMC Strategies from the RMF NIST SP 800-53 Explained NIST SP 800-171 Explained Conclusion How to derive CMMC Strategies from the RMF This blog will explain the role SP 800-53 plays within the Risk Management Framework (RMF).

Integration

Integration Accountability

The Ultimate Guide to CMMC Level 2 Requirements

Etactics

JANUARY 4, 2022

Of course, what I’m referring to is the Cybersecurity Maturity Model Certification (CMMC). Maybe you’re already familiar with the acronym and heard that the DoD recently pushed out the massive update, CMMC 2.0. If the DoD hasn’t finalized CMMC yet, is it even worth putting energy towards figuring it out right now? The CMMC 2.0

Integration

Integration Regulations Accountability

CMMC-AB December Town Hall: Key Takeaways

Etactics

JANUARY 18, 2022

Changing of The Guard December’s CMMC-AB Town Hall event ushered in a changing of the guard within the accreditation body's board of directors. Mr. Johnson was the first Chairman elected at the CMMC-AB in January 2021. via CMMC-AB. via CMMC Level 2 Scoping Guide. It categorizes assets into five groups.

Regulations

Regulations Prevention

CMMC SSP: What It Is and Why You Need One

Etactics

MAY 12, 2022

The purpose of this blog is to: Explain why you need to have an SSP Identify necessary components Review formatting considerations Discuss Plans of Action & Milestones (POA&M) Explore Automation for SSP Generation. The SSP will exist as a roadmap moving forward, especially with upcoming CMMC rulemaking. with CMMC 2.0.

Controlled Unclassified Information Markings: What They Mean and Why They're Important

Etactics

NOVEMBER 4, 2021

In our last blog post, I covered what CUI is. The site identifies all approved categories and subcategories. The controls for CUI Specified categories and subcategories can differ from Basic ones and from each other. A CUI Specified category may include subcategories that are Basic and vice versa.

Regulations

Health Care Quality Digest

[ANSWERED] Who is Responsible for Protecting CUI?

CMMC Data Flow Diagrams: An Ultimate Guide

Trending Sources

NIST SP 800-171 Rev 3 FPD Crosswalk of Assessment Objectives (XLSX Included)

The Ultimate CMMC Scoping Guide: A Matrix for Every Level

CMMC-AB May Town Hall: Key Takeaways

CMMC Training: Everything You Need to Know

An In-Depth Look Into CMMC Level 3 Requirements

CMMC-AB November 30 Town Hall: Key Takeaways and Unanswered Questions

Everything You Need to Know About CUI Designations

NIST SP 800-171 vs 800-53: Everything You Need to Know

The Ultimate Guide to CMMC Level 2 Requirements

CMMC-AB December Town Hall: Key Takeaways

CMMC SSP: What It Is and Why You Need One

Controlled Unclassified Information Markings: What They Mean and Why They're Important

Stay Connected