CMMC V1.02 – SC.1.175 – Monitor, Control, and Protect Organizational Communications

We continue our discussion of the Practices within CMMC, Level 1, with the next Domain, System and Communication Protection (SC). Within this Domain, there are 2 capabilities and 2 practices for Level 1 compliance.  System and Communications Protection activities ensure the organization is actively identifying, managing, and controlling all system and communication channels that store […]

CMMC V1.02 – PE.1.134 – Control and Manage Physical Access Devices

The final Practice within the Physical Security (PE) Domain and Capability, Limit Physical Access, is PE.1.134, Control and manage physical access devices.  This Practice focuses on who can access the physical equipment used to track physical access to a facility (e.g., locks, badging, key cards, etc.) and who is responsible for monitoring and managing access […]

CMMC V1.02 – PE.1.133 – Maintain Audit Logs of Physical Access

PE.1.133 marks the third practice within the Domain, Physical Security, and Capability, Limit physical Access.  Where the first two practices within PE were focused on limiting access to systems and individuals, this Practice focuses on the documentation process of how you limit access:  Using audit logs.  As the content below explains, it is not necessary […]

CMMC V1.02 – PE.1.132 – Escort Visitors and Monitor Visitor Activity

This entry is the second Practice within the Physical Protection (PE) Domain and the Capability, Limit Physical Access.  This Practice, PE.1.132 – Escort Visitors and Monitor Visitor Activity, aligns with the prior one, PE.1.131, Limiting physical access to organizational information systems and, again, is pretty straight forward.  Essentially, to meet compliance with this Practice, an […]

CMMC V1.02 – PE.1.131: Limit Physical Access to Organizational Information Systems

The next four practices to be addressed reside within the Physical Protection (PE) Domain.  The Physical Protection Domain covers activities which ensure that physical access to CUI asset containers is strictly controlled, managed, and monitored in accordance with CUI protection requirements. In this entry, we are discussing the first of the Practices, PE.1.131: Limit physical […]


The next practice to be completed is located within the domain, Media Protection.  For Level 1 compliance, there is only one Capability (Sanitize Media) and one Practice within that Capability:  MP.1.118 – Sanitize or destroy information system media containing Federal contract information before disposal or release for reuse.  Below is the information and description provided […]

CMMC V1.02 – IA.1.077 – Authenticate Identities of Users, Processes, or Devices

The second practice within the Domain, Identification and Authentication (IA) and Capability, Grant access to authenticated entities, is IA.1.077, Authenticate ( or verify ) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.  This sounds a lot more complicated than it actually is.  Essentially, this practice […]

Maximum Money – Improve Cash Flow & Boost Profits

Evaluating a company’s financial health is an essential skill for all business owners. This Maximum Money Course covers the fundamentals of financial analysis. In once a week for five weeks, participants have the opportunity to develop a comprehensive 12 month financial forecast.