by Nicholas Graning | Feb 17, 2026 | CMMC
When handling Controlled Unclassified Information (CUI), compliance with NIST SP 800-171 and the CMMC framework mandates strict data protection measures—including the use of FIPS-validated encryption in specific scenarios. But one requirement that consistently...
by Nicholas Graning | Dec 3, 2025 | CMMC
Proper storage of Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) is at the core of a healthy and satisfactory compliance program. The issue? There seems to be ample confusion on what CUI and FCI are, the difference between the two,...
by Bob Stephens | May 30, 2025 | CMMC
Creating a Data Flow Diagram (DFD) is a foundational step in achieving Cybersecurity Maturity Model Certification (CMMC) compliance. DFDs offer a visual representation of how Controlled Unclassified Information (CUI) traverses through an organization’s systems. ...
by ASCERA | Jun 28, 2024 | Blog
Identifying how and where Controlled Unclassified Information (CUI) is stored, transmitted, and processed within your organization is a critical first step to achieving CMMC compliance. Many organizations overlook this step, however, leading to gap assessment fatigue,...
by ASCERA | Apr 18, 2024 | CMMC
Conducting a NIST 800-171 self-assessment — also known as a CMMC self-assessment or SPRS assessment — is a critical component of DFARS 252.204-7019 compliance. As a contractor, you’ll need to evaluate your organization against all 320 objectives and upload your...
