August 1, 2023

Explore CMMC : Automation of NIST 800-171 assessments and vendor questionnaires using ServiceNow

To meet the Department of Defense’s (DoD) requirements to ensure that cybersecurity controls and processes adequately protect Controlled Unclassified Information (CUI) that resides on Defense Industrial Base systems and networks, it is critical to understand and conform to the Cybersecurity Maturity Model Certification (CMMC). Understanding the role your vendors play in this requirement becomes increasingly important as contractors and subcontractors are subject to compliance depending on the type and sensitivity of information that flows down to them.

Join us to learn from our partner, SecurityBricks how their ServiceNow store plugin for Vendor Risk Management provides an out-of-the-box solution designed specifically to meet the CMMC requirements and gain visibility into your suppliers and any associated compliance risk.

In this session, we’ll discuss:

  • Explore how the CMMC impacts contractual flow down of information working with contractors and subcontractors.
  • Examine how vendor risk managers can easily assign a NIST 800-171 questionnaire to all in-scope vendors, monitor their responses and track progress towards compliance.
  • Discuss Supplier Performance Risk System (SPRS) scores.
  • Demonstrate the varied questionnaires and templates that can be seamlessly added for both CMMC Level 1 and CMMC Level 2 assessments, DFARS and ITAR.
  • Unveil insights into meeting ongoing documentation requirement and the implementation control standards that may be required to pass external audit.