Part 2 – Developing your System Security Plan (SSP) and Plan of Action and Milestones (POAM). This 2- hour course is the second part in a two-part series and focuses on – “The DoD NIST SP800-171 Assessment Process and Your SPRS Score.” This workshop helps participants step through the process of developing the SSP and POAM and understanding key requirements to maintaining both.
$499.00
Part 2 – Developing your System Security Plan (SSP) and Plan of Action and Milestones (POAM). This 2- hour course is the second part in a two-part series and focuses on – “The DoD NIST SP800-171 Assessment Process and Your SPRS Score.” This workshop helps participants step through the process of developing the SSP and POAM and understanding key requirements to maintaining both.
Captiva Solutions LLC
8201 Corporate Dr Ste 635
Greater Landover, MD 20785
TF: 888.850.9280
Tel: 202.770.2120
Fax: 202.770.2121
Captiva Solutions is your trusted partner for all your IT and cybersecurity concerns. Using cutting-edge technology, adaptive systems, dedicated resources, and the highest levels of skills and expertise, we offer comprehensive IT solutions at competitive rates.
COPYRIGHT © 2023 CAPTIVA SOLUTIONS
Level 1
An organization must demonstrate basic cyber hygiene practices, such as ensuring employees change passwords regularly to protect Federal Contract Information (FCI). FCI is “information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government.”
Level 2
An organization must have an institutionalized management plan to implement good cyber hygiene practices to safeguard CUI, including all the NIST 800-171 r2 security requirements and processes
Level 3 – Expert.
An organization must have standardized and optimized processes in place and additional enhanced practices that detect and respond to changing tactics, techniques and procedures (TTPs) of advanced persistent threats (APTs).
An APT is an adversary that possesses sophisticated levels of cyber expertise and significant resources to conduct attacks from multiple vectors. Capabilities include having resources to monitor, scan, and process data forensics.
