What Does it Mean to be FISMA Compliant?

Jan 19, 2022 Continuum GRC 0 Comment

The Federal Information Security Act, or FISMA, is a comprehensive cybersecurity law that has a widespread impact on federal agencies, state agencies handling federal programs and contractors and service providers working with these agencies. As such, its effect is wide-ranging, and FISMA requirements often overlap or inform other, more specific compliance frameworks.

However, at its core, FISMA dictates some of the basic and most fundamental cybersecurity practices that governed organizations must adhere to. Learn more about what it means to meet FISMA compliance.

CMMC 2.0 Maturity Levels and NIST 800-171

Jan 1, 2022 Continuum GRC 0 Comment

The original CMMC (version 1.0) was based on several cybersecurity guidelines, most prominently NIST 800-171. With the announcement of CMMC version 2.0 in early November 2021, however, the alignment between the frameworks and the NIST document has changed a bit. Fortunately, this change seems to be for the better, or at least more intuitive, for assessors and contractors.

Here, we’ll discuss how the new CMMC 2.0 assessment levels align with NIST 800-171 and how this can help contractors more readily meet their security obligations once the new framework goes into effect.

Continuum GRC Assessment, Audit and Risk SaaS Achieves FedRAMP Authorization

Dec 6, 2021 Michael Peters 0 Comment

Scottsdale, Arizona, November 15, 2021 (Continuumgrc.com) – Continuum GRC, Inc. has been granted its FedRAMP Authorization by the Federal Risk and Authorization Management Program (FedRAMP) program.