CMMC Requirement AC.L1-B.1.III – External Connections: Verify and control/limit connections to and use of external information systems. Links to Publicly Available Resources CMMC Level 1 Self-Assessment Guide This document provides self-assessment guidance for...
CMMC Requirement AC.L1-B.1.II – Transaction & Function Control: Limit information system access to the types of transactions and functions that authorized users are permitted to execute. Links to Publicly Available Resources CMMC Level 1 Self-Assessment...
CMMC Requirement AC.L1-B.1.I – Authorized Access Control: Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems). Links to Publicly Available Resources CMMC Level 1...
Cybersecurity Compliance and Risk Assessment Purpose: Introduces the concept of a common Cybersecurity Compliance and Risk Assessment (CCRA) for the Defense Industrial Base CCRA Announcement Letter The CCRA concept allows suppliers to complete ONE assessment which...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Risk Assessment (RA) Level 1 Level 2 Level 3 There are currently no requirements in the Risk Assessment domain at Level 1. RA.L2-3.11.1 Risk AssessmentsRA.L2-3.11.2 Vulnerability ScanRA.L2-3.11.3 Vulnerability Remediation...
AC AT AU CM IA IR MA MP PS PE RA CA SC SI Configuration Management (CM) Level 1 Level 2 Level 3 There are currently no requirements in the Configuration Management domain at Level 1. CM.L2-3.4.1 System BaseliningCM.L2-3.4.2 Security Configuration...
