Policies, SSP, POAM, DoDAM

Posting on the SPRS site requires key documents. Compliance is dependent on documentation. If you didn’t document it, you didn’t do it. The documents are assembled in the System Security Plan or SSP. The resulting documents provide the answers to the questions asked on the SPRS site. For example, the POAM is a list of the tasks remaining for completing CMMC compliance. The question is what is the date that the last task will be accomplished and documented. The DoDAM document shows whether a task has been completed, partially completed or not completed. Starting with a score of 110, deductions are made for items partially completed or not completed.
Written policies contain tasks and staff assignments. Documenting completion of those tasks maintains compliance. The Jumpstart and ACRMS programs develop the documents needed. A compliance expert called a Helper guides you through the process. For more information watch the video at www.compliancehelper.com