Training and Development for Employees
Employee training and development programs are essential to the success of businesses worldwide. Not only do these programs offer opportunities for staff to improve their skills, but also for employers to enhance employee productivity and improve company culture.
Who Needs CMMC Compliance?
The Cybersecurity Maturity Model Certification (CMMC 2.0) is a requirement by the Department of Defense (DoD) to ensure that all contractors and sub-contractors who handle controlled classified information meet DoD security protocols. By receiving a CMMC certification, your organization’s customers and the DoD will see that you are taking the security of their data seriously.
What are the Levels of CMMC Compliance?
- Level 1 will be based on the 17 controls found in FAR 52.204-21, Basic Safeguarding of Covered Contractor Information, and focus on the protection of Federal Contract Information. There is an annual self-assessment for Level 1.
- Level 2 aligns with the 14 levels and 110 security controls developed by the National Institute of Technology and Standards (NIST) to protect Controlled Unclassified Information. The new Level 2 is in complete alignment with NIST SP 800-171. A CMMC-AB approved C3PAO assessment every three years is required at Level 2.
- Level 3 is based on NIST SP 800-171’s 110 controls plus a subset of NIST SP 800-172 controls. A DoD-staffed (DIBCAC) assessment is required every 3 years at Level 3.
How Latitudes I.T. will get you CMMC Compliant:
- Access Control
- Awareness and Training
- Audit and Accountability
- Configuration Management
- Identification and Authentication
- Incident Response
- Media Protection
- Personnel Security
- Physical Protection
- Risk Assessment
- System and Communications Protection
- System and Information Integrity