Loading Events

« All Events

Virtual Event Virtual Event
  • This event has passed.

FINAL RULE DISCUSSION & AC Domain Level 2 – Part II

October 18 @ 12:00 pm - 1:00 pm EDT

Virtual Event Virtual Event
Event Series Event Series (See All)
Free
Access

We will preempt our Level 2 Practices discussion for a review of the CMMC Final Rule.  Key topics we will cover:

  • Timing
  • Changes to the Assessment
  • POAMs
  • What should you expect from your C3PAO.
  • MSP/MSSP/ESP/CSP clarifications.
  • Anything else you’d like to ask!

Time permitting, we will also continue our discussion of the AC Domain and Level 2 Practices, as noted below.

——————————————————————-

In our first two CMMC Practice session we reviewed the Level 1 Practices within the Access Control (AC) Domain and the Level 2 Practices with a focus on network and device access.   Next up we will continue our more in-depth look at the CMMC Level 2 practices within the AC domain.

This session will take a look at the CMMC AC domain practices that focus on user access control and account management:

AC.L2-3.1.4 – Separation of Duties
AC.L2-3.1.5 – Least Privilege
AC.L2-3.1.6 – Non-Privileged Account Use
AC.L2-3.1.7 – Privileged Functions
AC.L2-3.1.8 – Unsuccessful Logon Attempts
AC.L2-3.1.9 – Privacy & Security Notices
AC.L2-3.1.10 – Session Lock
AC.L2-3.1.11 – Session Termination
AC.L2-3.1.15 – Privileged Remote Access

We will also take to time to talk about the “CUI” requirements for the AC Level 1 practices:
AC.L1-3.1.1 Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
AC.L1-3.1.2 Limit information system access to the types of transactions and functions that authorized users are permitted to execute.
AC.L1-3.1.22 Control information posted or processed on publicly accessible information systems.

Whether you are a subcontractor or prime contractor directly with the Department of Defense, you don’t want to miss this session of the CMMC AC domain practices as we get more in-depth on our implementation discussions.  Still have questions?  Check out our blogs, sign up for CMMC Training, email us directly.

Security Catapult

Ready to start checking your compliance Readiness? Monarch’s Security Catapult is a CMMC self-assessment tool to prepare you for a CMMC assessment.

Security Catapult:

  • Guides you through the same type of questions an auditor will ask for all CMMC Practices.
  • Explains technical information in plain English to help you fully understand your performance requirements.
  • Tracks all required tasks and prioritizes your remediation steps in real time.
  • Instantly shows your SPRS (Supplier Performance Risk System) score.
  • Is for teams of all sizes.

Security Catapult was created by authorized CMMC assessors, DoD industry consultants and cybersecurity specialists precisely for Department of Defense contractors.

We’ve transformed reaching your CMMC goals into a logical and collaborative step-by-step process. Whether you are at CMMC Level 1 or 2, and regardless of the size of your organization, the Security Catapult takes the mystery and complexity out of preparing for your audit.

Check out Level 1 for free today!

Details

Date:
October 18
Time:
12:00 pm - 1:00 pm EDT
Series:
Cost:
Free
Event Categories:
,
Event Tags:
, , ,
Website:
https://monarchisc.com/event/cybermd-series-AC-L2-Part-2

Venue

Online

Organizer

Monarch ISC
Phone
207-808-0472
Email
info@Monarchisc.com
View Organizer Website