Blog

Caiq

Caiq — Caiq. GRC guidance on controls, evidence, audit readiness, and continuous compliance with SecureSlate.

CCPA and TPRM: Third-party risk requirements

How CCPA/CPRA shapes third-party risk—service provider contracts, due diligence, and sale/share disclosures.

CMMC and SOC 2: similarities and differences

CMMC verifies CUI protection for DoD contracts; SOC 2 attests service org controls for customers. Compare scope, assessors, evidence, and when contractors need both.

CMMC certification timeline: how long does it take?

How long CMMC certification takes by level: typical 3–12+ month timelines for gap assessment, remediation, C3PAO scheduling, and SPRS after Nov 2025 rollout.

CMMC Compliance Templates

CMMC Compliance Templates. CMMC guide for security and GRC teams: controls, evidence, audit readiness, and continuous compliance with SecureSlate.

CMMC controls explained: a complete guide for DoD contractors

CMMC controls map to FAR 52.204-21 (Level 1), NIST 800-171 (Level 2), and 800-172 (Level 3). A DoD contractor guide to families, evidence, and scoring.

CMMC Level 1: requirements, controls, and certification process

CMMC Level 1 covers 15 FCI safeguarding practices from FAR 52.204-21. Learn controls, annual self-assessment, SPRS submission, and the certification process.

CMMC Level 2: requirements, controls, and certification process

CMMC Level 2 aligns with NIST SP 800-171 for CUI. Learn the 110 requirements, self-assessment vs C3PAO paths, SSP, POA&M, SPRS, and certification steps.

CMMC Level 3: requirements, controls, and certification process

CMMC Level 3 adds NIST SP 800-172 to 800-171 for high-value CUI. Learn enhanced controls, C3PAO plus DIBCAC assessments, and the certification process.

CMMC vs FedRAMP: similarities and differences

CMMC protects CUI for DoD contractors; FedRAMP authorizes cloud for federal agencies. Compare scope, controls, assessments, and when you need each program.