Tag: CMMC compliance

CMMC Practice AC.L2-3.1.3: What You Need To Know 

Graphic with fighter jet against blue sky that reads "CMMC Practice AC.L2-3.1.3: What You Need To Know "

The Cybersecurity Maturity Model Certification (CMMC) practice AC.L2-3.1.3 requires defense contractors to control the flow of Controlled Unclassified Information (CUI). But what does this mean, exactly? Keep reading to learn more about what compliance with this CMMC practice entails.  CMMC Practice AC.L2-3.1.3: the Basics According to the CMMC practice AC.L2-3.1.3, “Control CUI Flow,” companies within […]

CMMC: What Is the Principle of Least Functionality?

Graphic that reads "Principle of Least Functionality" above the silhouette of a tank

As you navigate your way through the Cybersecurity Maturity Model Certification (CMMC) compliance, you will come across the term “principle of least functionality.” But what does it mean, exactly? In today’s blog post, we give you all the resources you need to understand this key concept.  About the Principle of Least Functionality Least functionality is […]

Why Is CMMC Important? 

Graphic showing a folder with the logo of CMMCCompliance.us and a paper that reads: "Why is CMMC Important?" and a stamp that reads "Priority."'

If you are still confused about the Cybersecurity Maturity Model Certification, a good place to start is by understanding its importance. Keep reading to learn what CMMC is, why you need it, and why it is important.  What Is CMMC? The Cybersecurity Maturity Model Certification is a cybersecurity framework created by the Department of Defense […]

DFARS vs CMMC: What Is the Difference? 

Graphic that reads "DFARS vs CMMC: What Is the Difference? "

DFARS and CMMC are two concepts you need to understand if you are part of the Defense Industrial Base in any capacity. But if you have difficulties making sense of the differences between them, don’t worry: in this post, you will find everything you need to know.  CMMC: The Basics CMMC stands for Cybersecurity Maturity […]

CUI vs FCI: What Is the Difference? 

Graphic that reads "CUI vs FCI."

While Controlled Unclassified Information (CUI) tends to get all the attention, the Cybersecurity Maturity Model Certification (CMMC) also aims to protect Federal Contract Information (FCI). Read on to learn more about FCI and CUI, including their differences and how to safeguard them according to CMMC.   What Is FCI? The term Federal Contract Information refers to […]

Can You Self-Certify CMMC? 

Graphic that reads "Can you self-certify CMMC?"

Certifications Under CMMC Can you self-certify CMMC? The answer is yes, but only if you aim to achieve CMMC Level 1. In all other cases, self-certification is not possible. CMMC comprises three progressive levels that mandate an increasing number of cybersecurity practices as follows: Level 3 (Expert): 110+ practices Level 2 (Advanced): 110 practices Level […]

Can CUI Be Shared With Foreign Nationals? 

Graphic that reads "CUI & Foreign Nationals"

As we have seen in previous posts, ITAR data cannot be shared with foreign nationals. But what about Controlled Unclassified Information (CUI), the main object of the Cybersecurity Maturity Model Certification (CMMC)? In today’s post, we discuss everything you need to know about CUI and foreign nationals. Keep reading to learn more.   What Is Controlled […]

What Is a CMMC RPO? 

Graphic that reads "What Is a RPO in CMMC?"

When it comes to the Cybersecurity Maturity Model Certification (CMMC), there are many terms you need to be aware of. One of those acronyms is RPO or Registered Provider Organization. Keep reading to take a closer look at this important part of the CMMC ecosystem.  About Registered Provider Organizations (RPOs) Before we delve into the […]