CMMC 2.0 Control RA.L2-3.11.1 - Periodically assess the risk to organizational operations
CMMC 2.0 Control RA.L2-3.11.2 - Scan for vulnerabilities in organizational systems and applications
CMMC 2.0 Control RA.L2-3.11.3 - Remediate vulnerabilities in accordance with risk assessments
CMMC 2.0 Control CA L2-3.12.1: Assessing Security Controls and Risk Management
CMMC 2.0 Control MP.L2-3.8.1 - Protect (i.e., physically control and securely store) system media
CMMC 2.0 Control SI.L1-3.14-4 - Update malicious code protection mechanisms when new releases are
CMMC 2.0 SI.L1-3.14.1 - Identify, report, and correct system flaws in a timely manner
CMMC 2.0 Control SI.L2-3.14.7 - Identify unauthorized use of organizational systems
NIST 800-171 Control 3.11.1 - Periodically Assess the Risk to Operations, Assets, and Individuals
CMMC 2.0 Control AU.L2-3.3.9 - Restricted Privileged User Access for Audit Logging Management
CMMC 2.0 Control PE L2-3.10.1 - Limit physical access to organizational systems, equipment, and the
CMMC 2.0 Control MP.L2-3.8.3 - Sanitize or destroy system media containing CUI before disposal or
CMMC 2.0 Control PE.L1-3.10.4 - Maintain audit logs of physical access
CMMC 2.0 Control SI.L2-3.14.3 - Monitor system security alerts and advisories and take action in
CMMC 2.0 Control PS L2-3.9.1 - Screen individuals prior to authorizing access to organizational
CMMC 2.0 Control SC.L2-3.13.15 - Protect the authenticity of communications sessions
CMMC 2.0 Control CA.L2-3.12.4 - Developing Effective System Security Plans
CMMC 2.0 Control SC.L2-3.13.11 - Employ FIPS-validated cryptography when used to protect the
CMMC 2.0 Control AC.L2-3.1.16: Pre-approve Wireless Access for Connections
CMMC 2.0 Control CA L2-3.12.3 - Monitoring Security Controls for Continued Effectiveness
