This video provides a step-by-step guide on how government contractors can achieve compliance with the cybersecurity requirements established by the U.S. Department of Defense (DoD), specifically Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012, entitled “Safeguarding Covered Defense Information and Cyber Incident Reporting.”
Self Assessment Handbook
The following handbook and supplement have been created by the National Institute for Standards and Technology (NIST) Manufacturing Extension Partnership (MEP) as a plain language guide for assessing NIST SP 800-171 Security Requirements in response to DFARS cybersecurity requirements. The Supplement contains comments, clarifications, and changes by the Department of Defense to parts of the Handbook.
In addition the Georgia Tech Procurement Assistance Center (GTPAC) developed this is 127-page template designed to help contractors create a Security Assessment Report, System Security Plan, and Plan of Action. The template is a Word document, designed for easy customization. It is intended to be used in conjunction with the NIST-MEP Cybersecurity Self-Assessment Handbook linked above.