Welcome to part 11 of “What you need to know about CMMC”. I’m Bob Hanley from Sabre Systems and today we will continue our discussions on the 17 CMMC domains as we help you and your efforts to be CMMC ready. If you remember, we discussed risk management last week. Today, we’re going to discuss security assessments or CA for short. Remember, CMMC is about protecting controlled unclassified information or CUI which includes lim-dis and FOUO, or limited distribution, For Official Use Only.
So, where are we in our journey through these CMMC domains? You’ve been with me for quite a few weeks now, but let’s catch everybody up. We’ve already reviewed ten domains, if you remember: awareness training, configuration management, identification and authentication, incident response, maintenance, media protection, personnel security, physical protection, recovery and risk management. If you have missed any, please go back and take a look at the vlogs we have previously posted to get you caught up. All of these domains connect and relate to each other, they are complementary, so it’s important as we move on to think in those terms on how they connect, get that overall understanding of these domains within that context. Read the full script.