Official UC blog

March 2024 Newsletter

Written by Matt H. | Mar 11, 2024 12:34:22 PM
Unified Compliance Newsletter
March 2024

 

Newsletter Highlights

  • The Impact of OSCAL on CMMC Compliance
  • Safeguarding CUI
  • The NIST Cybersecurity Framework, v2.0 
  • Newsletter: Read Past Editions
  • Upcoming Documents
  • Authority Documents
  • Suggestions/Comments: Email Us

The Impact of OSCAL on CMMC Compliance

OSCAL and CMMC: Exploring the Relationship - This article examines the relationship between OSCAL (Open Security Controls Assessment Language) and CMMC (Cybersecurity Maturity Model Certification). It looks at how OSCAL is used within the context of CMMC and discusses its potential to streamline compliance processes, improve the implementation of security controls, and enhance assessment methodologies within the CMMC framework.

Explore the relationship.

Safeguarding Controlled Unclassified Information (CUI) Under CMMC 2.0

Controlled Unclassified Information (CUI) plays a pivotal role in government operations, encompassing government-owned or created information that necessitates safeguarding through information security controls, even though it is not classified. 

 

See why it's important.

The NIST Cybersecurity Framework, v2.0

The highly anticipated NIST Cybersecurity Framework, v2.0 document is out, and we have it mapped. The US National Institute of Standards and Technology's February 26, 2024 release is now part of the Common Controls Hub. Check it out here!

 

Newsletters: Read Past Editions

Want to read the news released about Unified Compliance? All released newsletters are posted the same day they are emailed. Check out past UCF news. Read our Newsletters.

Upcoming Documents

The UCF team has plans to map the following Documents:

  • GAO Yellow Book
  • OWASP Application Security Verification Standard 4.0.3
  • 16 CFR Part 318, Health Breach Notification Rule
  • SWISS-U.S. DATA PRIVACY FRAMEWORK
  • ISO/IEC 27005:2022
  • Blueprint for an AI Bill of Rights
  • ISO/IEC TS 27110:2021
  • UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK
  • Code of Virginia Title 59.1, Chapter 53, Consumer Data Protection Act, April 11, 2022

Authority Documents

What's new and popular in the CCH?

See the list below for Authority Documents published since our last newsletter.

Cybersecurity

  • 45 CFR Part 164 Subpart D, Notification in the Case of Breach of Unsecured Protected Health Information [AD 3729]
  • COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework [AD 3712]
  • EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES [AD 3723]

Health IT

  • 45 CFR Part 164 Subpart D, Notification in the Case of Breach of Unsecured Protected Health Information [AD 3729]

IT Security

  • 45 CFR Part 164 Subpart D, Notification in the Case of Breach of Unsecured Protected Health Information [AD 3729]
  • COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework [AD 3712]
  • SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy, October 15, 2022 [AD 3647]

Monitoring and Reporting

  • 45 CFR Part 164 Subpart D, Notification in the Case of Breach of Unsecured Protected Health Information [AD 3729]
  • SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy, October 15, 2022 [AD 3647]

Operational Management

  • EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES [AD 3723]

Privacy

  • COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework [AD 3712]
  • EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES [AD 3723]
  • SOC 2® Reporting on an Examination of Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy, October 15, 2022 [AD 3647]

Third Party and Supply Chain Management

  • EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES [AD 3723]

Which Authority Documents are most important to you?

Submit a request.

What are the most accessed ADs monthly?

 

Here's this month's list of the 50 most selected Authority Documents, including how many groups and initiatives each Authority Document has been assigned!

Thanks for reading our newsletter. If you have any suggestions or comments, please email us.

Best Wishes,

Dorothy Hunt

Manager, Customer Success
707.694.3077
dhunt@unifiedcompliance.com

Unified Compliance, 10161 Park Run Dr. Suite 150, Las Vegas, NV 89145 USA

Copyright © 2021 UnifiedCompliance.com All Rights Reserved.