Category: DFARS

Cybersecurity Maturity Model Certification


The Department of Defense (DoD) recently announced the development of the ”Cybersecurity Maturity Model Certification (“CMMC”)”, a standard aimed at assessing and enhancing the cybersecurity posture of the Defense Industrial Base (“DIB”), particularly as it relates to controlled unclassified information (“CUI”) within the supply chain. This new standard will provide ... Read More
August 3, 2019admin


NIST SP 800- 171 & Continuous Monitoring of security controls and cyber hygiene, are must for any DoD subcontractor looking to stay compliant. Traditionally, this process has been referred to as “Continuous Monitoring” as noted in NIST SP 800-137 Information Security Continuous Monitoring for Federal Information Systems and Organizations.  It is ... Read More
May 8, 2018admin


POAM NIST 800-171 (Plan of Action and Milestones) is required for DoD contractors to meet DFARS compliance requirements. If during your internal audit you find that your company does not meet some of the NIST requirements, the Plan of Action and Milestones outlines how and ... Read More
April 12, 2018admin


CKSS offers a free NIST 800-171 GAP Analysis. Fill out the form to the left and also download our free white paper on DFARS compliance. ROADMAP FOR COMPLIANCE For compliance best practices, contractors should consider the following: Consult with legal counsel to determine contracts that are subject to the new rule and ... Read More
April 12, 2018admin


Below you can download a NIST 800-171 compliance checklist  which lists the Core components necessary to meet DFARS cybersecurity requirements. The checklist includes the following: COVERED DEFENSE (CDI) DISCOVERY - You’ll need a baseline of risk to make decisions on implementing controls. In addition, you need to define your accreditation boundary ... Read More
March 18, 2018admin


The DFARS NIST 800 171 Compliance deadline is December 31, 2017. Below are the recommended controls that are required to ensure the confidentiality of CUI and NIST Compliance based on SP 800-171: Access Control Audit and Accountability Awareness and Training Configuration Management Identification and Authentication Incident Response Media Protection Personnel ... Read More
November 28, 2017admin


This is a NIST 800-171 System Security Plan (SSP) Template which is a comprehensive document that provides an overview of NIST SP 800-171 Rev. 1 system security requirements and describes controls in place or planned to meet those requirements. The SSP toolkit also comes with a POAM ... Read More
November 2, 2017admin
Computer Files


In response to the recent executive orders and growing pressure from high profile government data breaches, the DoD approved and updated the interim rule for the Defense Federal Acquisition System in August and December 2015 - “Network Penetration Reporting and Contracting for Cloud Services” (DFARS Case 2013-D018). The interim rule ... Read More
November 13, 2016admin
Secured By miniOrange