0% found this document useful (0 votes)

283 views1 page

Integrated Cybersecurity Governance Model - CMMC Version

Uploaded by

wenapo

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

283 views1 page

Integrated Cybersecurity Governance Model - CMMC Version

Uploaded by

wenapo

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

Integrated Cybersecurity Governance Model (ICGM)™

Addressing Cybersecurity Maturity Model Certification (CMMC) & NIST 800-171 Compliance
This model represents a “Plan, Do, Check & Act”
POLICIES & S TANDARDS approach to implement and operate integrated
MAY INFLUENCE cybersecurity and privacy governance practices. The
GUIDELINES
START
PLAN SOMETIMES
ICGM is a useful tool to help visualize CMMC & NIST 800-
171 governance, risk and compliance-related activities.
IDENTIFY EXTERNAL INFLUENCERS GENERATE
[COMPLIANCE REQUIREMENTS] ARE ENFORCED
INFLUENCE BY INFLUENCE BECOMES
- STATUTORY & REGULATORY OBLIGATIONS POLICIES STANDARDS TOOL SELECTION
- CONTRACTUAL OBLIGATIONS
- INDUSTRY-RECOGNIZED PRACTICES ARE ALIGNED WITH
COMPLIANCE OBLIGATIONS
IDENTIFY INTERNAL INFLUENCERS ESTABLISH ARE IMPLEMENTED BY
& PROVIDE SCOPING FOR
[CORPORATE POLICIES & MANAGEMENT INTENT] COMPLIANCE-RELATED
- BUSINESS PROCESSES INFLUENCE CRITERIA FOR INFLUENCES
CONTROL OBJECTIVES [SSP I TEM]
- RISK TOLERANCE
- AUDIT FINDINGS IDENTIFY
REQUIREMENTS FOR [SSP I TEM]

CONTROLS
SUPPORT
800-171 PROCEDURES
REQUIRE THE IMPLEMENTATION OF CYBERSECURITY & PRIVACY ARE IMPLEMENTED BY PROCEDURES / ARE APPLIED TO SYSTEMS, APPLICATIONS,
MAY INFLUENCE &
IDENTIFY CHANGES TO [INCLUDES COMPENSATING CONTROLS FOR EXCEPTION REQUESTS] [POA&M ITEM] CONTROLS CONTROL ACTIVITIES [SSP I TEM] SERVICES & PROCESSES

DETERMINE THE PRIORITIZATION

& IMPLEMENTATION OF DO ENABLE THE
GENERATION OF
ARE REVIEWED
THROUGH

RESOURCE PRIORITIES [C3PAO ACTIVITY] VERIFY

EXCEPTION REQUESTS
RISK MANAGEMENT & NON-COMPLIANT ARE LINKED TO FEED
AFFECTS CONTROLS REQUIRE SECURITY METRICS AUDITS / ASSESSMENTS
AFFECTS
REMEDIATION ACTIONS ACCEPTABLE RISK TOLERANCE

ARE ASSESSED
[POA&M ITEM] EXCEPTION REQUESTS & NON-COMPLIANT PROCEDURES REQUIRE GENERATE
CHECK
AGAINST
GENERATES [POA&M ITEM] IDENTIFIES PROVIDE OVERSIGHT CAPABILITIES TO ANALYTICS & TRENDS
RISK ANALYSIS REQUIREMENTS FOR
RISK MANAGEMENT COVERS THE FOLLOWING: [KPIS / KRIS / KCIS]
- PLAN OF ACTION & MILESTONES (POA&M) SITUATIONAL
PROVIDE GUIDANCE TO INFLUENCES AWARENESS
- SYSTEM SECURITY PLAN (SSP) CORPORATE LEADERSHIP
- DATA PROTECTION IMPACT ASSESSMENTS (DPIAS)
- BUSINESS IMPACT ANALYSIS (BIA) DIRECTS
- RISK ASSESSMENTS INFLUENCE
- VENDOR ASSESSMENTS INFLUENCES
- THREAT ASSESSMENTS
- VULNERABILITY ASSESSMENTS
ACT REQUIRE
STAKEHOLDER CONFIDENCE

- PENETRATION TESTING
IDENTIFY NEEDS FOR IDENTIFY
DEFICIENCIES

Copyright © 2020 by ComplianceForge, LLC (ComplianceForge). All rights reserved. VERSION 2020.1
Modification of any content, including text and images, requires the prior written permission of ComplianceForge. Requests ma y be s ent to support@ complianceforge.com.

CMMC Appendices V1.02 20200318
100% (2)
CMMC Appendices V1.02 20200318
338 pages
C2M2-CMMC Supplemental Guidance
No ratings yet
C2M2-CMMC Supplemental Guidance
168 pages
CMMCModelExcel V1.02 20200318
100% (1)
CMMCModelExcel V1.02 20200318
29 pages
CMMC ML1 Questionnaire
No ratings yet
CMMC ML1 Questionnaire
16 pages
Best Practices in Implementing A Secure Microservices Architecture
100% (1)
Best Practices in Implementing A Secure Microservices Architecture
85 pages
SP RMM Overview
No ratings yet
SP RMM Overview
16 pages
Secure Data Deletion - Joel Reardon
No ratings yet
Secure Data Deletion - Joel Reardon
208 pages
C2M2 V2.1 Self-Evaluation Workshop Kickoff Presentation
No ratings yet
C2M2 V2.1 Self-Evaluation Workshop Kickoff Presentation
35 pages
Cybersecurity Maturity Model Certification - Assessment Process
100% (1)
Cybersecurity Maturity Model Certification - Assessment Process
47 pages
NIST Cybersecurity Framework 2.0 Final Draft
100% (1)
NIST Cybersecurity Framework 2.0 Final Draft
39 pages
Cybersecurity CISO Vital Part Operations
No ratings yet
Cybersecurity CISO Vital Part Operations
11 pages
Dfars Nist CMMC Compliance
No ratings yet
Dfars Nist CMMC Compliance
77 pages
CSA CCM v1.3
No ratings yet
CSA CCM v1.3
421 pages
AuditScripts CIS Controls Master Mappings v7.1b
No ratings yet
AuditScripts CIS Controls Master Mappings v7.1b
3,429 pages
Peerless-NIST SP 800-171 Controls Explained-Infographic
No ratings yet
Peerless-NIST SP 800-171 Controls Explained-Infographic
1 page
ISO 27001 ISMS Implementation Plan
50% (2)
ISO 27001 ISMS Implementation Plan
3 pages
(2025) NIST Privacy Framework 1.1
No ratings yet
(2025) NIST Privacy Framework 1.1
51 pages
CMMI CP Model Development Approach
No ratings yet
CMMI CP Model Development Approach
15 pages
Cybersecurity Maturity Model Certification: December 3, 2021
No ratings yet
Cybersecurity Maturity Model Certification: December 3, 2021
7 pages
The Elements of User Experience
No ratings yet
The Elements of User Experience
23 pages
Cloud Security Guide For SMEs
No ratings yet
Cloud Security Guide For SMEs
50 pages
CMMC DFARS 800 171 Ignyte Platform 2020
No ratings yet
CMMC DFARS 800 171 Ignyte Platform 2020
17 pages
CIS Controls v8 CMMC Mapping
No ratings yet
CIS Controls v8 CMMC Mapping
122 pages
CMMC Briefing Slides
50% (2)
CMMC Briefing Slides
3 pages
BitLyft CMMC Guide
No ratings yet
BitLyft CMMC Guide
18 pages
Cloud Incident Response Framework - A Quick Guide
No ratings yet
Cloud Incident Response Framework - A Quick Guide
13 pages
NIST 2 Framework
100% (1)
NIST 2 Framework
32 pages
CSA Cloud Threat Hunting
No ratings yet
CSA Cloud Threat Hunting
23 pages
Understanding CUI Marking Responsibilities
No ratings yet
Understanding CUI Marking Responsibilities
32 pages
CUI Marking Registry (2022.1)
No ratings yet
CUI Marking Registry (2022.1)
31 pages
VCISO Implementation Roadmap
No ratings yet
VCISO Implementation Roadmap
2 pages
FC FC FC: MC MC MC PC PC PC SC SC SC
No ratings yet
FC FC FC: MC MC MC PC PC PC SC SC SC
2 pages
DWP ss018 Security Standard Network Security Design PDF
No ratings yet
DWP ss018 Security Standard Network Security Design PDF
35 pages
Diploma Syllabus 1st Year-2nd Sem PDF
No ratings yet
Diploma Syllabus 1st Year-2nd Sem PDF
7 pages
Design of Mini Compressor Less Powered Refrigerator: Project Report ON
No ratings yet
Design of Mini Compressor Less Powered Refrigerator: Project Report ON
37 pages
ISMS Data Protection Policy
No ratings yet
ISMS Data Protection Policy
7 pages
English 7 Q2 Module 2
67% (3)
English 7 Q2 Module 2
24 pages
25 Great But Little-Known Cybersecurity Frameworks
No ratings yet
25 Great But Little-Known Cybersecurity Frameworks
2 pages
SP RMM
No ratings yet
SP RMM
2 pages
Capstone Portfolio Template
100% (1)
Capstone Portfolio Template
4 pages
2018.1 Example CSOP WISP NIST CSF Mapping
No ratings yet
2018.1 Example CSOP WISP NIST CSF Mapping
12 pages
Cyber Security Architecture Risk Assessm
No ratings yet
Cyber Security Architecture Risk Assessm
244 pages
NIST Privacy Framework - Highlights From Version 1
No ratings yet
NIST Privacy Framework - Highlights From Version 1
17 pages
Abstract of Bids As Read and As Calculated
100% (1)
Abstract of Bids As Read and As Calculated
135 pages
C2M2 Implementation Guide
No ratings yet
C2M2 Implementation Guide
13 pages
ComplianceForge Hierarchical Cybersecurity Governance Framework PDF
No ratings yet
ComplianceForge Hierarchical Cybersecurity Governance Framework PDF
1 page
CCSK
0% (1)
CCSK
16 pages
CISSP Common Body of Knowledge Review in
No ratings yet
CISSP Common Body of Knowledge Review in
145 pages
Cloud Computing Security Breaches
No ratings yet
Cloud Computing Security Breaches
54 pages
Cdpse Factsheet v2 0620
No ratings yet
Cdpse Factsheet v2 0620
2 pages
Radio de Auro Panasonic Cq-Rx100u
No ratings yet
Radio de Auro Panasonic Cq-Rx100u
44 pages
ComplianceForge Hierarchical Cybersecurity Governance Framework
No ratings yet
ComplianceForge Hierarchical Cybersecurity Governance Framework
1 page
ISO27k Security Metrics Examples
100% (3)
ISO27k Security Metrics Examples
10 pages
Certification: Exam Outline
No ratings yet
Certification: Exam Outline
15 pages
SG - CMMC Overview Presentation
No ratings yet
SG - CMMC Overview Presentation
12 pages
CCSK QB
No ratings yet
CCSK QB
25 pages
C-SCRM Fact Sheet
No ratings yet
C-SCRM Fact Sheet
2 pages
ISO27701 and GDPR Gaps and Overlaps
No ratings yet
ISO27701 and GDPR Gaps and Overlaps
13 pages
IMAS 08.10 Ed.1 Am2
No ratings yet
IMAS 08.10 Ed.1 Am2
19 pages
CCSK Prep
No ratings yet
CCSK Prep
3 pages
Essential 8
No ratings yet
Essential 8
8 pages
Function Category: Asset Management (AM) : The Personnel, Devices, Systems, and
No ratings yet
Function Category: Asset Management (AM) : The Personnel, Devices, Systems, and
21 pages
Security Pillar: AWS Well-Architected Framework
No ratings yet
Security Pillar: AWS Well-Architected Framework
46 pages
Cluster Analysis
No ratings yet
Cluster Analysis
12 pages
Class 1: Security and Risk Management
No ratings yet
Class 1: Security and Risk Management
24 pages
Security Control Matrix - PDF Mounika
No ratings yet
Security Control Matrix - PDF Mounika
8 pages
Pci Dss v4 0 at A Glance
No ratings yet
Pci Dss v4 0 at A Glance
2 pages
TCLG Information Security ISO Standards Feb 2015 PDF
No ratings yet
TCLG Information Security ISO Standards Feb 2015 PDF
28 pages
Microsoft Zero Trust Maturity Model - Oct 2019
No ratings yet
Microsoft Zero Trust Maturity Model - Oct 2019
7 pages
Nist SP 800-229
No ratings yet
Nist SP 800-229
27 pages
IGBT Based AC-AC Transmission 10.09 PDF
No ratings yet
IGBT Based AC-AC Transmission 10.09 PDF
25 pages
MSSQL Lab Sertup
No ratings yet
MSSQL Lab Sertup
18 pages
The Evolution of The CASB
No ratings yet
The Evolution of The CASB
30 pages
Pro Python System Administration 2nd Edition Rytis Sileika Download
100% (1)
Pro Python System Administration 2nd Edition Rytis Sileika Download
60 pages
Web Browsing Intro It
No ratings yet
Web Browsing Intro It
29 pages
OFAD 40023 Internet and Web Design COMMON
No ratings yet
OFAD 40023 Internet and Web Design COMMON
86 pages
Design and Interface Examples Using 8051
No ratings yet
Design and Interface Examples Using 8051
43 pages
HONO
No ratings yet
HONO
29 pages
1187-1996 - Farm Milk Cooling and Storage Systems
No ratings yet
1187-1996 - Farm Milk Cooling and Storage Systems
19 pages
Information Security Handbook: Enhance Your Proficiency in Information Security Program Development 2nd Edition Anonymous 2024 Scribd Download
No ratings yet
Information Security Handbook: Enhance Your Proficiency in Information Security Program Development 2nd Edition Anonymous 2024 Scribd Download
40 pages
Module 2 Network Threats
No ratings yet
Module 2 Network Threats
40 pages
Information Security Management Through Reflexive Security
No ratings yet
Information Security Management Through Reflexive Security
18 pages
VMware Avi Load Balancer VSphere Deployment Guide
No ratings yet
VMware Avi Load Balancer VSphere Deployment Guide
54 pages
Mobile-Application-Security Testing-Landscape-Overview
No ratings yet
Mobile-Application-Security Testing-Landscape-Overview
14 pages
Subscription License Suites - January 2025
No ratings yet
Subscription License Suites - January 2025
10 pages
SaravananPV3010 - UiPath Web Scraping Data
No ratings yet
SaravananPV3010 - UiPath Web Scraping Data
6 pages
Research Office Confidential Reference
No ratings yet
Research Office Confidential Reference
3 pages
Beyond The General Data Protection Regulation - McAfee
No ratings yet
Beyond The General Data Protection Regulation - McAfee
20 pages
CSA-Risk Management-Update
No ratings yet
CSA-Risk Management-Update
15 pages
Wires
No ratings yet
Wires
4 pages
Unit-5 Test
No ratings yet
Unit-5 Test
2 pages
4 - Creating Creative Photomontages or Image Mixing Using Generative Adversarial Networks
No ratings yet
4 - Creating Creative Photomontages or Image Mixing Using Generative Adversarial Networks
9 pages
Faith in Mind PDF
No ratings yet
Faith in Mind PDF
2 pages
CycloTouch R-Series Brochure V03
No ratings yet
CycloTouch R-Series Brochure V03
2 pages
IT Audit Field Manual: Strengthen your cyber defense through proactive IT auditing
From Everand
IT Audit Field Manual: Strengthen your cyber defense through proactive IT auditing
Lewis Heuermann
No ratings yet
ISO 27001/ISO 27002: A guide to information security management systems
From Everand
ISO 27001/ISO 27002: A guide to information security management systems
Alan Calder
No ratings yet
ISMS The Ultimate Step-By-Step Guide
From Everand
ISMS The Ultimate Step-By-Step Guide
Gerardus Blokdyk
No ratings yet
Qualified Security Assessor Complete Self-Assessment Guide
From Everand
Qualified Security Assessor Complete Self-Assessment Guide
Gerardus Blokdyk
No ratings yet

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Integrated Cybersecurity Governance Model - CMMC Version

Uploaded by

Integrated Cybersecurity Governance Model - CMMC Version

Uploaded by

Integrated Cybersecurity Governance Model (ICGM)™

DETERMINE THE PRIORITIZATION

RESOURCE PRIORITIES [C3PAO ACTIVITY] VERIFY

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.