Blog

NIST 800-171 Basic Assessment Reporting To SPRS

Posted by ComplianceForge on Nov 12th 2020

For those organizations in scope for NIST 800-171, the self-imposed November 30, 2020 deadline is fast approaching for many subcontractors to submit the results of their “basic assessment” to Suppli … read more

NIST SP 800-53 Update - WISP & CSOP

Posted by ComplianceForge on Oct 29th 2020

NIST released the final version of NIST SP 800-53B that identifies what NIST SP 800-53 R5 controls fall into low, moderate, high and privacy baselines. This allowed ComplianceForge to release new vers … read more

CMMC Assessment Preparation - Can Your Documentation Tell A Story?

Posted by ComplianceForge on Oct 25th 2020

Story Time - Using Documentation To Tell Your CMMC Compliance StoryIf you are looking at a future CMMC assessment, there is a good chance that you have asked yourself what the critical component to a … read more

CMMM Kill Chain

Posted by Guest Author - Tom Cornelius on Oct 25th 2020

The concept of creating a “CMMC Kill Chain” started off as a bit of a dare… kind of a “Here! Hold my coffee!” moment among a small group of CMMC practitioners to create a proof of concept for an effic … read more

When is a conformity assessment not a conformity assessment? (hint – it is CMMC)

Posted by Guest Author - Tom Cornelius on Aug 14th 2020

This episode of Coffee Thoughts With Tom addresses CMMC as a conformity assessment, since conformity assessments are intended to use a risk-based approach to determine a confidence point (e.g., materi … read more