Microsoft AOS-G Program
What Is The Microsoft AOS-G Program? The Microsoft Agreement for Online Services – Government program, better known as the AOS-G program, was created to
Microsoft AOS-G Program Read Post »
SPRS: Supplier Performance Risk System
What is an SPRS Score? The Supplier Performance Risk System (SPRS) score measures your current cybersecurity compliance with NIST 800-171.
SPRS: Supplier Performance Risk System Read Post »
CMMC Level 2: Requirements and Solutions for DoW Contractors
Has CMMC 2.0 been published? Yes, after a long period of waiting, the DoW published the 48 Code of Federal Regulations (CFR) Final Rule, officially making the
CMMC Level 2: Requirements and Solutions for DoW Contractors Read Post »
DFARS 7021
What is DFARS 7021? DFARS 252.204-7021: Cybersecurity Maturity Model Certification Requirements is one of the three released clauses in the DFARS 70 series (7012, 7019, 7020).
DFARS 7020
DFARS 252.204-7020: NIST SP 800-171 DoW Assessment Requirements What is DFARS 7020? The Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7020 is one of
DFARS 7019
DFARS 7019 Origin and Context The Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7019 is titled “Notice of NIST Special Publication
DFARS 7012
The Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012 clause is the oldest of four clauses in the DFARS 70 series (7012, 7019, 7020, 7021, and 7025). DFARS 7012 applies
Governance, Risk, & Compliance (GRC) Guide
This guide explains how different Governance, Risk, and Compliance (GRC) solutions help DoD contractors manage cybersecurity policies, reduce risk, and stay in step with CMMC and NIST SP 800-171.
Governance, Risk, & Compliance (GRC) Guide Read Post »
NIST 800-171 and CMMC Compliance in M365
A Consolidated Source for Application of NIST 800-171 and CMMC 2.0 to the M365 Platform
NIST 800-171 and CMMC Compliance in M365 Read Post »
System Security Plans (SSPs) Guide
What they are, why they matter, and how to get them right
System Security Plans (SSPs) Guide Read Post »
What is a POAM?
This guide breaks down what a POAM is, why you need one, how the POAM process works, what the end goal is, and what a real-world example looks like.
What is ITAR Compliance?
ITAR stands for International Traffic in Arms Regulations. ITAR data refers to any technical data or information related to defense
What is ITAR Compliance? Read Post »
What Is Microsoft 365 GCC?
“GCC” stands for Microsoft 365 Government Community Cloud (GCC), and is a Microsoft Platform as a Service (PaaS) built on
What Is Microsoft 365 GCC? Read Post »
What is Microsoft GCC High?
GCC High is the cloud platform developed by Microsoft for cleared personnel and organizations supporting the Department of War (DoW).
What is Microsoft GCC High? Read Post »
DFARS Compliance
The main purpose of DFARS is to protect the confidentiality of Controlled Unclassified Information (CUI)
regulations apply to all DoD contractors.
CUI: The Complete Guide to Controlled Unclassified Information
Learn what CUI is, how to identify it, and how to protect it.
CUI: The Complete Guide to Controlled Unclassified Information Read Post »
CMMC Compliance Guide
Understanding the Cybersecurity Maturity Model Certification (CMMC 2.0) for Defense Contractors
CMMC Compliance Guide Read Post »