RA.L2-3.11.1 Risk Assessments

CMMC Requirement RA.L2-3.11.1 – Risk Assessments: Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals, resulting from the operation of organizational systems and...

MP.L2-3.8.9 Protect Backups

CMMC Requirement MP.L2-3.8.9 – Protect Backups: Protect the confidentiality of backup CUI at storage locations. Links to Publicly Available Resources Acronis – What is a Backup? (Data Backup) This comprehensive data backup blog explains what a data backup is,...

PE.L2-3.10.6 Alternative Work Sites

CMMC Requirement PE.L2-3.10.6 – Alternative Work Sites: Enforce safeguarding measures for CUI at alternate work sites. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for conducting Cybersecurity...

PE.L2-3.10.2 Monitor Facility

CMMC Requirement PE.L2-3.10.2 – Monitor Facility: Protect and monitor the physical facility and support infrastructure for organizational systems. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document provides assessment guidance for...

PE.L2-3.10.5 Manage Physical Access

CMMC Requirement PE.L2-3.10.5 – Manage Physical Access: Control and manage physical access devices. Links to Publicly Available Resources CMMC Level 1 Self-Assessment Guide This document provides self-assessment guidance for conducting Cybersecurity Maturity...

PE.L2-3.10.4 Physical Access Logs

CMMC Requirement PE.L1-3.10.4 – Physical Access Logs: Maintain audit logs of physical access. Links to Publicly Available Resources Cisco – Why Integrate Physical and Logical Security? The document describes the importance of integrating physical and...

PE.L2-3.10.3 Escort Visitors

CMMC Requirement PE.L2-3.10.3 – Escort Visitors: Escort visitors and monitor visitor activity. Links to Publicly Available Resources CMMC Level 1 Self-Assessment Guide This document provides self-assessment guidance for conducting Cybersecurity Maturity Model...

PE.L2-3.10.1 Limit Physical Access

CMMC Requirement PE.L2-3.10.1 – Limit Physical Access: Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals. Links to Publicly Available Resources CMMC Level 1 Self-Assessment...

MP.L2-3.8.6 Portable Storage Encryption

CMMC Requirement MP.L2-3.8.6 – Portable Storage Encryption: Implement cryptographic mechanisms to protect the confidentiality of CUI stored on digital media during transport unless otherwise protected by alternative physical safeguards. Links to Publicly...

MP.L2-3.8.5 Media Accountability

CMMC Requirement MP.L2-3.8.5 – Media Accountability: Control access to media containing CUI and maintain accountability for media during transport outside of controlled areas. Links to Publicly Available Resources CMMC Level 2 Assessment Guide This document...