Scribd Logo
Carica

Benvenuto in Scribd!

  • CMMC Briefing Slides

    Caricato da

    BreakingDefense
    5K visualizzazioni3 pagine
    Cybersecurity Maturity Model Certification (CMMC)

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    Cybersecurity Maturity Model Certification (CMMC)

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    5K visualizzazioni3 pagine

    CMMC Briefing Slides

    Caricato da

    BreakingDefense
    Cybersecurity Maturity Model Certification (CMMC)

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 3

    UNCLASSIFIED

    CMMC Model Structure

    17 Capability Domains (v1.0) Capabilities are assessed for


    Practice and Process Maturity

    DISTRIBUTION A. Approved for public release 1


    UNCLASSIFIED

    CMMC Maturity Process Progression

    LEVEL 5
    OPTIMIZING
    LEVEL 4
    REVIEWED
    LEVEL 3 5 PROCESSES
    MANAGED
    LEVEL 2 4 PROCESSES  Each practice is
    DOCUMENTED documented
    LEVEL 1 3 PROCESSES  Each practice is
    PERFORMED documented  A policy exists that
    2 PROCESSES  Each practice is includes all activities
    documented  A policy exists that
    0 PROCESSES  Each practice is includes all activities  Adherence is verified
    documented,  A policy exists that through Examine or
     Select practices are including Level 1 includes all activities  Adherence is verified Test
    documented where practices through Examine or
    required  Adherence is verified Test  A plan exists that
     A policy exists that through Examine or includes all activities
    includes all activities Test  A plan exists that
    includes all activities  Activities are
     A plan exists, is reviewed and
    maintained, and  Activities are measured for
    resourced that reviewed and effectiveness
    includes all activities measured for
    (includes mission, effectiveness (results  There is a
    goals, project plan, of the review is standardized,
    resourcing, training shared with higher documented
    needed, and level management approach across all
    involvement of and for issue applicable
    relevant resolution) organizational units
    stakeholders)
    Approved for public release 2
    UNCLASSIFIED

    CMMC Draft Schedule: CY20

    Q2FY20 Q3FY20 Q4FY20 Q1FY21


    Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec

    Rulemaking DAR Council Meeting Goal:


    Complete Rulemaking Process

    CMMC Roll-Out Plan Initial RFIs with Initial RFPs with


    CMMC Requirement CMMC Requirement
    * Depends upon Rulemaking
    * Depends upon Rulemaking

    DoDI 5000.02 Cybersecurity Enclosure Complete reviews and approval

    CMMC Implementation Pathfinder(s) Initial Planning Pathfinder(s)


    with Subset of DIB Sector

    CMMC Accreditation Body (AB) Sign MOU (TBD) Marketplace (TBD)


    Establish
    CMMC AB Board Certification process for candidate CMMC Third Party Assessment Organizations (C3PAOs)

    CMMC Databases & Infrastructure Initial Planning Database/Infrastructure Pathfinder


    Initial Beta Testing

    CMMC AB Training Initiate Training for CMMC Levels 4-5


    • Train the trainers Initiate Training for CMMC 101, Levels 1-3
    • CMMC classes for assessors
    Refine Draft Training & Conduct Training Pathfinder with DoD

    Draft CMMC Training Material to Deliver Deliver Draft Training Deliver Draft Training
    Draft Training CMMC Levels 1-3 CMMC Levels 4-5
    CMMC Accreditation Body (AB)
    CMMC 101
    Coordinate and Conduct Training Pathfinder with CMMC AB

    Defense Acquisition University (DAU) Initiate Training for CMMC 101, Levels 1-3
    CMMC Training
    Initiate Training for CMMC Levels 4-5

    CMMC Assessment Guides Deliver Deliver Levels 4-5 to CMMC AB


    Levels 1-3
    to CMMC AB Update & Refine CMMC Assessment Guides

    CMMC Model Complete & Release v1.0 Potential update based on rulemaking process (TBD) 3

    Potrebbero piacerti anche