CMMC 2.13
CMMC Practices
Each practice, grouped by domain and cross-referenced to the NIST controls that support it.
Domain: RA — Risk Assessmentclear ✕
10 practices
RA
Risk Assessment10RA.L2-3.11.1Risk Assessments1 refL2RA.L2-3.11.2Vulnerability Scan1 refL2RA.L2-3.11.3Vulnerability Remediation1 refL2RA.L3-3.11.1eThreat-Informed Risk AssessmentL3RA.L3-3.11.2eThreat HuntingL3RA.L3-3.11.3eAdvanced Risk IdentificationL3RA.L3-3.11.4eSecurity Solution RationaleL3RA.L3-3.11.5eSecurity Solution EffectivenessL3RA.L3-3.11.6eSupply Chain Risk ResponseL3RA.L3-3.11.7eSupply Chain Risk PlanL3
Looking for the underlying standards? Browse NIST SP 800-171, 800-172 & 800-53 →