Skip to content

877.701.8000

info@serabrynn.com

Satisfy CMMC IR Controls ASAP!

Utilize SERA BRYNN'S 15 Years of Incident Response, Reporting, & Handling.

Navigating these requirements can be a daunting task, however, SERA BRYNN is uniquely qualified, with our long history in incident response, to satisfy the CMMC incident handling and reporting requirements. With our team of experts and security solutions, these requirements can be implemented in record time!

Brad - Texas

Knock Out the Hardest Requirements Fast!

CMMC 2.0 / NIST 800-171

IR.L2-3.6.1 (3.6.1)

Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities.

*Satisfies seven assessment objectives.

*Based on agreement SERA BRYNN has in place with client.

IR.L2-3.6.2 (3.6.2)

Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization. Report incidents to DoD DIBNet on behalf of Contractor.

*Satisfies six assessment objectives.

*Based on agreement SERA BRYNN has in place with client.

IR.L2-3.6.3 (3.6.3)

Test the organizational incident response capability.

*Satisfies one assessment objective.

*Based on agreement SERA BRYNN has in place with client.

Included Requirements 

SI.L1 - 3.14.5

Perform periodic scans of organizational systems and real-time scans of files from external sources as files are downloaded, opened, or executed.

*Satisfies three assessment objectives.

*Based on agreement SERA BRYNN has in place with client.

SI.L1 - 3.14.6

Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.

*Satisfies three assessment objectives.

*Based on agreement SERA BRYNN has in place with client.

SI.L1 - 3.14.7

Identify unauthorized use of organizational systems. 

*Satisfies two assessment objectives.

*Based on agreement SERA BRYNN has in place with client.

Related DFARS Requirements

DFARS 252.204-7012

(c) - Cyber Incident Reporting

When the Contractor discovers a cyber incident that affects a covered contractor information system or the covered defense information residing therein, or that affects the contractor’s ability to perform the requirements of the contract that are designated as operationally critical support and identified in the contract, the Contractor shall –
  • (i) Conduct a review for evidence of compromise of covered defense information, including, but not limited to, identifying compromised computers, servers, specific data, and user accounts. This review shall also include analyzing covered contractor information system(s) that were part of the cyber incident, as well as other information systems on the Contractor’s network(s), that may have been accessed as a result of the incident in order to identify compromised covered defense information, or that affect the Contractor’s ability to provide operationally critical support; and
  • (ii) Rapidly report cyber incidents (within 72 hours of discovery) to the DoD

The cyber incident report shall be treated as information created by or for DoD and shall include, at a minimum, the required elements.

In order to report cyber incidents in accordance with this clause, the Contractor or subcontractor shall have or acquire a *DoD-approved medium assurance certificate to report cyber incidents. 

*SERA BRYNN meets this requirement.

Pricing

Refer to the pricing calculator to determine the estimated cost for your environment to satisfy the CMMC IR Controls. Upon completion, our experts will work with you to validate the data points and then further dial in the exact pricing.

Should you need further clarification or assistance, please do not hesitate to contact us.

We are dedicated to your success!