List of Useful Links
CMMC
CMMC-AB Home https://cyberab.org
CMMC-AB Town Hall Videos https://cyberab.org/News-Events/Town-halls
DoD
DoD USD A&S CMMC Model https://www.acq.osd.mil/cmmc/model.html
DoD USD A&S Assessments https://www.acq.osd.mil/cmmc/assessments.html
DoD USD A&S Assessment Guide https://www.acq.osd.mil/cmmc/documentation.html
DFARS 254.202.7012 https://www.acquisition.gov/dfars/part-252-solicitation-provisions-and-contract-clauses#DFARS-252.204-7012
DFARS 254.202.7019 Notice of NIST SP 800-171 DoD Assessment Requirements https://www.acquisition.gov/dfars/part-252-solicitation-provisions-and-contract-clauses#DFARS-252.204-7019
DFARS 254.202.7020 NIST SP 800-171 DoD Assessment Requirements https://www.acquisition.gov/dfars/part-252-solicitation-provisions-and-contract-clauses#DFARS-252.204-7020
DFARS 254.202.7021 Cybersecurity Maturity Model Certification Requirements https://www.acquisition.gov/dfars/part-252-solicitation-provisions-and-contract-clauses#DFARS-252.204-7021
DoD CUI Program Home https://www.dodcui.mil/
DoD CUI Awareness and Marking https://www.dodcui.mil/Portals/109/Documents/Training%20Docs/21-S-0588%20cleared%20CUI%20Awareness%20Training%20Nov%202020.pdf?ver=eOMZuMPrdLXcnhS6egUe2w%3d%3d
DoD CUI Mandatory Training https://securityhub.usalearning.gov/index.html
NARA Archives- CUI https://www.archives.gov/cui
NIST
NIST Main List of Special Publications https://csrc.nist.gov/publications/sp800
NIST Main List of NISTIRs https://csrc.nist.gov/publications/nistir
SP800-171 rev2 Protecting CUI in Non-Federal Systems https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf
SP800-171A Assessing Security Requirements for CUI https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171A.pdf
SP800-172 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-172.pdf
SP800-172A Enhanced Requirements for Protecting CUI: Supplement to SP800 -171 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-175A.pdf
SP800-171 rev2 CUI POAM Template https://csrc.nist.gov/CSRC/media/Publications/sp/800-171/rev-2/final/documents/CUI-Plan-of-Action-Template-final.docx
SP800-53 rev4 Controls for Federal Information Systems (Withdrawal Date 9/23/2021) https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
SP800-53A rev4 Assessing Controls in Federal Systems https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar4.pdf
SP800-53 rev5 Controls for Information Systems https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf
SP800-53A rev5 Assessing Security and Privacy Controls in Federal Information Systems
https://csrc.nist.gov/publications/detail/sp/800-53a/rev-5/final
SP800-53B Control Baselines in Federal Systems https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53B.pdf
SP800-18 rev1 Develop SSP for Federal Systems https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-18r1.pdf
SP800-30 rev1 Conducting Risk Assessment https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf
SP800-37 Risk Management Framework (RMF) for Information Systems https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
Other
FedRAMP Marketplace https://marketplace.fedramp.gov/#!/products?sort=productName
US-CERT https://www.cisa.gov/cybersecurity
Federal Information Security Modernization Act (FISMA) of 2014 https://www.whitehouse.gov/wp-content/uploads/2018/10/M-19-02.pdf