NIST

Skill packages tagged with “NIST”

Browse Skills Browse all tags
CMMC Assessment Scoping

Define CMMC assessment scope, authorization boundary, and network architecture for Level 1 or Level 2. Documents in-scope assets and network diagram narrative for the SSP.

    CMMC NIST DoD Compliance Scoping
    Learn More
    CMMC Asset Inventory

    Create and maintain the CMMC asset inventory: CUI assets, security protection assets, and contractor risk-managed assets for assessment scope.

      CMMC NIST DoD Compliance Asset Inventory
      Learn More
      CMMC Plan of Action & Milestones

      Draft and validate the CMMC POA&M: track control deficiencies, remediation plans, owners, and due dates for Conditional Level 2 or Level 3.

        CMMC NIST DoD Compliance POA&M
        Learn More
        CMMC Policies and Procedures

        Draft CMMC-aligned security policies and procedures for all NIST 800-171 domains: Access Control, Audit, Awareness, Configuration Management, and others.

          CMMC NIST DoD Compliance Policies
          Learn More
          CMMC Readiness Gap Analysis

          Map controls to NIST SP 800-171 practices, identify CMMC coverage gaps, and build a prioritized remediation roadmap for Level 1 or Level 2.

            CMMC NIST DoD Compliance Gap Analysis
            Learn More
            CMMC System Security Plan

            Draft and validate the CMMC SSP for Level 1 or Level 2: system description, boundary, and implementation narratives for each NIST 800-171 practice with evidence pointers.

              CMMC NIST DoD Compliance SSP
              Learn More
              FedRAMP Authorization Package

              Draft and validate FedRAMP authorization packages for cloud service providers: System Security Plan (SSP) with all required attachments, Security Assessment Plan (SAP), Security Assessment Report (SAR), and Plan of Action & Milestones (POA&M). Supports Low, Moderate, and High baselines.

                FedRAMP NIST Compliance Government Cloud Security ATO
                Learn More
                NIST Password Logic Adapter (CISA CPG 1.2)

                Rewrite legacy password policies to prioritize length and entropy over complexity and aging, and draft the Compromised Password Detection Protocol. Aligns with NIST SP 800-63B and CISA CPG 1.2; validates that procedures include a recurring check against leaked-credential APIs (e.g. Have I Been Pwned).

                  Compliance Security Critical Infrastructure CISA NIST Password Identity
                  Learn More
                  StateRAMP Authorization Package

                  Draft and validate StateRAMP authorization packages for cloud service providers serving U.S. state and local government: System Security Plan (SSP) with attachments, Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action & Milestones (POA&M), and the StateRAMP Snapshot for the Authorized Products List.

                    StateRAMP NIST Compliance Government Cloud Security State Government
                    Learn More

                    Ready to let your expertise drive the workflow?

                    Stop wrestling with rigid templates and complex tooling. Write your process in markdown, let the agent handle the rest.

                    Get Started