CMMCDocs.comHome / Glossary / Security Assessment (CA) Family
Security Assessment (CA) Family
Also known as: CA family
The CA family covers 4 NIST SP 800-171 requirements governing periodic security control assessment, action plans, continuous monitoring, and the SSP itself.
The Security Assessment (CA) family contains 4 NIST SP 800-171 Rev 2 security requirements: CA.L2-3.12.1 (periodically assess the security controls in organizational systems to determine if they are effective), CA.L2-3.12.2 (develop and implement plans of action — POA&M items — to correct deficiencies), CA.L2-3.12.3 (monitor security controls on an ongoing basis to ensure continued effectiveness), and CA.L2-3.12.4 (develop, document, and periodically update System Security Plans).
The CA family is essentially the meta-family — it requires the contractor to take their own program seriously through self-assessment, POA&M tracking, continuous monitoring, and SSP maintenance. CMMCDocs is built around this discipline.
Stop Googling. Start working.
CMMCDocs has all 110 NIST SP 800-171 Rev 2 requirements built in — with the language, the templates, and the evidence vault you need. Spin up a free demo workspace and click around the way an assessor would.
Get my demo account