The accreditation body behind the Pentagon's cyber certification program has published a detailed spreadsheet outlining comments from stakeholders on the group's first assessment process guide. The guide, known as “the CAP,” provides a step-by-step process for assessors to use when conducting their formal examination of compliance with the Cybersecurity Maturity Model Certification standard. Version 1.0 was released in July and marked as “pre-decisional” because the CMMC rulemakings are not finalized. The CAP breaks the assessment down into four phases: preparation,...
