CMMC Compliance

Assessment In
Los Angeles

 

Fast. Friendly. Professional

Improving The CMMC Compliance Assessment & Remediation Process For Businesses Located In Los Angeles & Orange County, California. We Can Help You Become CMMC Compliant. 

Call Us Today 949-266-2003

Contact Us Now!

  • This field is for validation purposes and should be left unchanged.

CMMC Remediation & Compliance Assessment

Regulatory compliance requirements are always being updated and are difficult to interpret. Our Intelecis experts have identified the essential network security controls and how they map to CMMC requirements.

IS Your Business CMMC Compliant?…

  • Do Your Employees need to be educated
  • Do You Have Security Standards & Controls
  • Are You Aware Of CMMC Guidelines for California
  • Completed a Risk Management CMMC Assessment
  • Do You Have Compliant Access Controls
  • Management of Audit Documentation
  • Response and Recovery
  • Enforced Corporate Info Updates

Assessment SSP/POA&M

First Intelecis performs a detailed risk assessment of your current network, physical security, required business processes and compare the results with the cyber security controls required by NIST SP 800 series. We then prepare a System Security Plan (SSP) and Plan of Action and Milestones (POA&M) so that you can provide documented evidence to the DoD that you’re on a path to compliance with a remediation plan.

CMMC Remediation

This step addresses the findings from your risk assessment. Depending on the state of your organization, this can be as simple as implementing multi-factor authentication and security awareness training or as complex as refreshing an entire aging infrastructure.  No matter where you are on the spectrum, Intelecis will manage this process.

Compliance Monitoring & Maintenance

Ongoing advanced cyber security monitoring and incident response capabilities are required to remain compliant. You must also constantly assess and maintain the NIST 800 series controls over time as systems change and fall out of alignment.  Our monthly service will keep you complaint, but more importantly, it will improve your maturity level.

The Compliance Model

Intelecis’ Cybersecurity Compliance and Risk Management Maturity Process

One common misconception is that CMMC compliance is the same thing as NIST SP 800-171. That is not entirely true, especially in the higher levels of CMMC that include requirements from frameworks other than NIST SP 800-171.

  • CMMC Level 1: This is essentially addressing FAR 52.204-21 cybersecurity principles.
  • CMMC Level 2: This builds on CMMC Level 1 and addresses a little over half of NIST 800-171 controls.
  • CMMC Level 3: This builds on CMMC Level 2 and addresses all NIST 800-171 and a few extras.
  • CMMC Levels 4 & 5: CMMC Levels 4 & 5 build off CMMC Level 3 and include controls from a range of frameworks:
    • CERT RMM v1.2
    • NIST SP 800-53
    • NIST SP 800-172
    • ISO 27002
    • CIS CSC 7.1
    • Unattributed “CMMC” references that are not attributed to existing frameworks.

Based on version 1.02 of the CMMC, there are 5 levels and each has its own specific set of controls that will be in scope for a CMMC audit. This article will cover this breakdown in more detail:

  • CMMC Level 1: 17 Controls
  • CMMC Level 2: 72 Controls(includes Level 1 controls)
  • CMMC Level 3: 130 Controls(includes Level 2 controls)
  • CMMC Level 4: 156 Controls(includes Level 3 controls)
  • CMMC Level 5: 171 Controls(includes Level 4 controls)