====Quick Start====
[[userguide| User Guide]]
[[gettingstarted| Getting Started]]
[[auditpolicyguide|Auditor Policy Reference]]
[[:cmmc:intro|CMMC Introduction]]
[[:soc|SOC Introduction]]
[[policies:config_items_dlzp|DLZP Security Mapping Tags]]
[[policies:config_items53-171|171r2 Configuration Items Mapping]]
[[policies:config_items53-map|53r5 Configuration Items Mapping]]
[[policies:awsconfig_CP53r4|AWS Config CP NIST 800-53r4]]
[[https://www.stigviewer.com/controls/800-53|STIG Controls Viewer]]
[[https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2Fcenter-for-threat-informed-defense%2Fattack-control-framework-mappings%2Fv1.5.0%2Fframeworks%2FATT%2526CK-v10.1%2Fnist800-53-r4%2Flayers%2Fnist800-53-r4-overview.json|MITRE ATT&CK Map]]
[[policies:policy_template|Policy/Standards Template]]
[[policies:sec_aware|Security Awareness 101]]
===Tags===
[[policies:tag_list|Tags Index - NIST 800-171]]
[[policies:tag_all|Tags List - NIST 800-171]]
[[policies:tag_cmmcAll|CMMC All - ML 1 - 3]]
----
====Clauses====
[[catalog:52.204-21 | FAR 52.204-21]]
[[catalog:252.204-7012 | DFARS 252.204-7012]]
[[catalog:252.204-7019/20 | DFARS 252.204-7019/20]]
----
* Applies to DLZP Associates
[[acknowledge:list | Acknowledge Admin Info]]
[[https://www.nsa.gov/Press-Room/Telework-and-Mobile-Security-Guidance/ | NSA Telework Guidance]]
=====Compliance Policies=====
00. [[policies:enclave_boundary|Compliance Assessment Boundary *]]
10. [[policies:acceptable_use-emp|Acceptable Use - Employees *]]
20. [[policies:audit_logging|Audit, Logging, Accountability]]
25. [[policies:access_management|Access Management]]
30. [[policies:authentication_mgt|Authentication Management]]
40. [[policies:backup_recovery|Backup & Recovery]]
45. [[policies:change_management|Change Management]]
50. [[policies:media_destruction|Data Storage Media Destruction]]
60. [[policies:data_classification|Data Classification & Retention*]]
70. [[policies:email|Email Policy*]]
80. [[policies:incident_response|Incident Response Policy]]
85. [[policies:maintenance_mgt| Maintenance Management]]
90. [[policies:mobile_compute|Mobile Computing*]]
100. [[policies:network_security|Network Security]]
105. [[policies:network_sec_ho|Home Office Security]]
110. [[policies:personnel_sec|Personnel Security]]
120. [[policies:physical_sec|Physical Security]]
130. [[policies:policy_lifecycle|Policy Lifecycle]]
140. [[policies:remote_access|Remote Access]]
150. [[policies:risk_management|Risk Management Policy]]
155. [[policies:sdlc_pipeline| SDLC - Pipeline Policy]]
160. [[policies:3p_access|Third-Party Access Policy]]
170. [[policies:threat_mgt|Threat and Vulnerability Management]]
180. [[policies:training|Training and Awareness]]
190. [[policies:wireless_access|Wireless Access]]
----
====Compliance Library====
[[policy:action_items|Policy Action Items]]
[[policies:cyber_actions|Cybersecurity Action Items]]
[[policy:exec_statement|Executive Policy Statement]]
[[catalog:800-171-ci_mapping|800-171r2 Config Items (CI) Mapping]]
[[catalog:800-171A|NIST SP 800-171A]]
[[catalog:800-171A-appD|NIST SP 800-171A Appendix D]]
{{:opmodel-secmodel_v2_copy_0.1x.png?200|}}
----
Contact your DLZP Group Account Manager if you're unable to View Client Resources
----