Course Overview
Learning Objectives
- Types of information
- Federal Contract Information (FCI)
- Controlled Unclassified Information (CUI)
- Government's CUI program
- NIST 800-171
- NIST 800-171
- Artifacts such as the system security plan (SSP) and POA&M
- Contractual Requirements
- FAR and DFARS
- DFARS 252.204-7012 - Safeguarding Covered Defense Information and Cyber Incident
- DFARS 252.204-7019 - Notice of NIST SP 800-171 DoD Assessment Requirements
- DFARS 252.204-7020 - NIST SP 800-171 DoD Assessment Requirements
- DFARS 252.204-7021 - CMMC Requirements
- CMMC
- CMMC levels 1, 2, and 3
- CMMC timeline
- CMMC implications for Managed Services Providers (MSPs)
- Joint Surveillance Voluntary Assessments (JSVAs)
- Roles in the CMMC ecosystem such as the Cyber AB, CAICO, C3PAOs, RPOs, and more
- 5-step action plan
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):