Blog

A Cybersecurity Practitioner's Thoughts On Conflicting CMMC Guidance

Posted by ComplianceForge on Jul 1st 2020

The intent of this article is to generate a professional discussion on CMMC that will make its way to the DoD PMO to hopefully remediate several issues in future releases of that standard. This art … read more

NIST 800-171 vs CMMC

Posted by ComplianceForge on Jan 10th 2020

At ComplianceForge, we field a lot of questions regarding NIST 800-171 compliance and the pending Cybersecurity Maturity Model Certification (CMMC). This article is something we made to help an … read more

NIST 800-171 Rev2 & NIST 800-171B

Posted by ComplianceForge on Jun 19th 2019

The draft of NIST 800-171 rev2 was released today. Most importantly, there are no changes to the controls (e.g., basic and derived security requirements in chapter 3) from NIST 800-171 rev 1. Howev … read more

OMB M-19-03 Compliance

Posted by ComplianceForge on May 6th 2019

In late 2018, the Office of Management and Budget (OMB) released a memorandum that pertains to strengthening cybersecurity practices for High Value Assets (HVAs), which also includes privacy consid … read more

Ohio's Data Protection Act - A New Twist To Data Protection Laws

Posted by ComplianceForge on Feb 6th 2019

Most people do not regard their cybersecurity and privacy documentation as a proactive security measure. Documentation is oftentimes viewed as a passive effort that offers little protection to a co … read more