Introducing the CMMC Framework

Introducing the CMMC Framework

Last year, to protect Controlled Unclassified Information and Federal Contract Information, the US Department of Defense (DoD) announced the Cybersecurity Maturity Model Certification or CMMC. As of today, Tugboat Logic has a pre-built CMMC framework to help you get and stay compliant!

What is the CMMC Framework?

All DoD contractors need to obtain a CMMC certificate. There are five levels of certificates, and contractors will need to receive the Level 1 certificate before they can move to Level 2 and subsequent levels. Tugboat Logic’s CMMC framework allows you to choose the level you are working towards, complete it and move up to the next level.

The CMMC framework includes all of the policies, controls and evidence you need for every level. These controls cover the 17 domains, including the 85 processes and 171 practices that span these domains. In addition, the controls are all connected to new and existing evidence tasks, so anything you collected previously that’s relevant to your CMMC compliance is immediately applied.

Tugboat Logic and the CMMC Framework

As with all of our frameworks, the CMMC audit readiness module provides the guidance you need to complete your assessment prep quickly and confidently. First, to understand your business better, you complete a scoping exercise. Then our intuitive platform produces the components of the CMMC framework relevant to your unique organization. Additional modules are available to support you through the more tedious controls too.

And everything is managed in one place, including:

  • Employees acknowledgments of your policies through the awareness training module. 
  • Managing risks in the risk assessment module.
  • Monitoring your CMMC program’s status with the compliance calendar, using it to ensure you’re collecting evidence on time and eliminating compliance gaps. 
  • Collaborating with your assessor in your audit project module. After the assessment, you have a record of everything you provided them. 

Our Labs team is comprised of ex-Big Four auditors who have over 100 years of combined experience conducting audits. They’re our in-house team of industry experts and they’ve built all of our frameworks and fine-tuned them based on customer feedback and our network of audit partners. Our new CMMC framework is no exception. 

Our customer success team is also full of specialists ready to provide you with any guidance needed to implement controls and bring your InfoSec program to life. Between our in-product guidance and experts supporting you along the way, you’ll be CMMC compliant in no time!