CMMC Documentation Explanation
Phase 1- Create your SSSP & POA&M-One Time Cost
- Assessment-Create SSP/POA&M/SPRS Score= Firm Fixed Price (FFP) $4,800.00 One Time Cost
- Schedule 2-3 Interview meetings that are 2 hrs. each to complete an in-depth assessment of the 130 practices
- Development of System Security Plan (SSP)
- System Description
- System Architecture Diagram
- Support in development of System Inventory (Hardware & Software)
- Control Implementation Determination
- Development of Plan of Action and Milestones (POA&M)
- Schedule 1 delivery meeting for 1 hr. to provide the SSP and POA&M documentation and review implementation priority and discuss remediation strategies
- Send SPRS information and schedule meeting to enter score into the SPRS data base
Phase 2: Assist with your implementation of open POA&M items by providing the following three support options: T&M Rate of $124.80 (T&M Rate changes on January 1st 2022)
- Provide a T&M Hourly Rate proposal to provide implementation support as needed-2021 Hourly Rate $124.80 (As Needed)
- Provide a T&M Hourly Rate proposal to support certain implementation items with an estimate of hours and schedule-2021 Hourly Rate $124.80 (Most popular)
- Provide a T&M Hourly Rate proposal for full turn key solution with estimate of hours and scheduled that Corvus would implement in coordination with South Western Electrical.- 2021 Hourly Rate $124.80
Phase 3: Assist with creation of policies, plans & procedures by providing the following two support options: Firm Fixed Price (FFP) Pick one option for documentation
- Specifically tailored 61 Documents = Firm Fixed Price (FFP) $8,736.00 One Time Cost
- Untailored 61 Documents which includes logo and company information = Firm Fixed Price (FFP) $5,468.00 One Time Cost
Phase 4: Follow-on Information System Security Officer (ISSO) support: T&M Rate of $124.80 (T&M Rate changes on January 1st 2022)
- Provide a T&M Hourly Rate proposal to provide follow-on Information Technology (IT) support-2021 Hourly Rate $124.80 (Few Hours weekly)
- Conduct Weekly Security Audits
- Implement Audit Log Transfer/Centralized Storage
- Conduct Monthly Vulnerability Assessments
- Perform Documentation updates as needed
- Provide Incident Response/Training Support
Help in defense of an audit in partnership/cooperation with your company if Corvus Technologies is brought on for follow on ISSO support (Required per CMMC-AB)