Statements (167)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:software_framework
gptkb:security_services |
| gptkbp:aims_to |
enhance cybersecurity
|
| gptkbp:aims_to_improve |
cybersecurity practices
|
| gptkbp:applies_to |
gptkb:Defense_Industrial_Base
|
| gptkbp:challenges |
legacy systems
small businesses resource constraints staff training needs new entrants budget limitations complexity of requirements non-compliant organizations |
| gptkbp:collaborated_with |
gptkb:private_sector
academic institutions |
| gptkbp:communication |
the public
contractors public forums guidance documents official channels |
| gptkbp:consists_of |
multiple levels
|
| gptkbp:developed_by |
gptkb:Department_of_Defense
stakeholder feedback industry input |
| gptkbp:enforces |
contractual obligations
|
| gptkbp:established_in |
gptkb:2020
|
| gptkbp:evaluates |
self-assessment
|
| gptkbp:focuses_on |
protecting controlled unclassified information
|
| gptkbp:governed_by |
CMMC Accreditation Body
|
| https://www.w3.org/2000/01/rdf-schema#label |
CMMC
|
| gptkbp:includes |
security controls
|
| gptkbp:includes_domains |
17 domains
|
| gptkbp:introduced_in |
gptkb:2020
|
| gptkbp:is_adopted_by |
gptkb:supply_chain_management
government agencies risk management defense contractors various industries government contractors large contractors |
| gptkbp:is_aligned_with |
gptkb:ISO/_IEC_27001
|
| gptkbp:is_critical_for |
gptkb:national_security
gptkb:business data protection supply chain security information security contract awards |
| gptkbp:is_designed_to |
reduce cyber threats
enhance cybersecurity resilience protect controlled unclassified information reduce risk of cyber attacks |
| gptkbp:is_documented_in |
official reports
official guidelines CMMC Model |
| gptkbp:is_enhanced_by |
best practices
technology solutions employee training continuous monitoring incident response plans cybersecurity innovations cybersecurity tools |
| gptkbp:is_evaluated_by |
gptkb:Cybersecurity
gptkb:security effectiveness performance metrics industry standards risk assessment three years certification process performance reviews third-party organizations external audits self-assessments compliance effectiveness cybersecurity assessments cybersecurity audits certified assessors compliance adherence maturity levels |
| gptkbp:is_examined_in |
contract bids
|
| gptkbp:is_facilitated_by |
gptkb:Consulting_Services
consulting firms technology solutions cybersecurity frameworks cybersecurity best practices cybersecurity tools |
| gptkbp:is_fundamental_to |
supply chain security
|
| gptkbp:is_implemented_in |
best practices
contractors cybersecurity policies |
| gptkbp:is_influenced_by |
emerging threats
cybersecurity incidents |
| gptkbp:is_integrated_with |
business continuity planning
IT governance cybersecurity regulations risk assessment processes other compliance frameworks |
| gptkbp:is_linked_to |
gptkb:supply_chain_management
risk management federal regulations cybersecurity frameworks data breach prevention national security policies national defense initiatives |
| gptkbp:is_part_of |
gptkb:NIST_SP_800-171
gptkb:Federal_Acquisition_Regulation gptkb:Cybersecurity national defense strategy national cybersecurity strategy cybersecurity governance. cybersecurity compliance efforts Cybersecurity Maturity Model Certification Program Do D procurement process |
| gptkbp:is_promoted_by |
government agencies
industry leaders industry associations cybersecurity organizations |
| gptkbp:is_promoted_through |
gptkb:educational_programs
workshops community outreach programs public awareness campaigns training sessions industry conferences |
| gptkbp:is_recognized_by |
gptkb:U._S._government
|
| gptkbp:is_reflected_in |
security policies
contractual language contract requirements |
| gptkbp:is_related_to |
risk management framework
cybersecurity compliance |
| gptkbp:is_reviewed_by |
gptkb:government_officials
stakeholders industry leaders cybersecurity experts cybersecurity committees |
| gptkbp:is_subject_to |
gptkb:legislation
audits regulatory changes legal scrutiny contractual penalties |
| gptkbp:is_supported_by |
government initiatives
training programs federal funding government funding cybersecurity research cybersecurity initiatives industry partnerships government partnerships federal resources federal cybersecurity programs |
| gptkbp:is_updated_by |
three years
to address new threats |
| gptkbp:is_utilized_for |
contractual obligations
contract compliance |
| gptkbp:is_utilized_in |
contract negotiations
government contracts |
| gptkbp:level |
1 to 5
five levels |
| gptkbp:provides |
a certification process
a framework for cybersecurity maturity |
| gptkbp:replaces |
gptkb:NIST_SP_800-171
DFARS clause 252.204-7012 |
| gptkbp:requires |
third-party assessments
Do D contractors |
| gptkbp:supports |
gptkb:national_security
|
| gptkbp:training |
assessors
|
| gptkbp:bfsParent |
gptkb:NIST_SP_800-171
|
| gptkbp:bfsLayer |
5
|