Access Control (AC)
Audit & Accountability (AU)
Awareness & Training (AT)
Configuration Management (CM)
Identification & Authentication (IA)
Incident Response (IR)
Maintenance (MA)
Media Protection (MP)
Personnel Security (PS)
Physical Protection (PE)
Risk Assessment (RA)
Security Assessment (CA)
Systems & Communications Protection (SC)
System & Information Integrity (SI)
Level 2 Overview |
General CMMC practice expectations at this level: Demonstrate good cyber hygiene and effective NIST 800-171 R2 security requirements.
Practices: Level 2 has a total of 110 Practices which include the 17 Level 1 Practices plus 93 Level 2 Practices
CMMC Process Maturity Expectations: Comprehensive documentation is required including a System Security Plan (SSP), Policies etc.
Copyright © 2022 Celerium. All Rights Reserved.