CMMC Level 2

Risk Assessment Controls

Controls for periodically assessing the risk to organizational operations, assets, and individuals from the operation of systems and processing of CUI.

CMMC-RP Certified Team 3 Controls in Family 3.11 24+ Years Experience

About the Risk Assessment Family (RA)

Controls for periodically assessing the risk to organizational operations, assets, and individuals from the operation of systems and processing of CUI. This family contains 3 security requirements that organizations must implement to achieve CMMC Level 2 certification and protect Controlled Unclassified Information (CUI). Petronella Technology Group's CMMC-RP certified team provides expert guidance on implementing every control in this family.

CMMC Level 2 - Risk Assessment Controls

All 3 Risk Assessment controls with CMMC-focused implementation guidance.

3.11.1Periodically Assess Risk→ 3.11.2Scan for Vulnerabilities→ 3.11.3Remediate Vulnerabilities in Accordance with Risk Assessments→

NIST SP 800-171 - Risk Assessment Requirements

The same 3 controls with NIST 800-171-focused assessment preparation guidance.

3.11.1Periodically Assess Risk→ 3.11.2Scan for Vulnerabilities→ 3.11.3Remediate Vulnerabilities in Accordance with Risk Assessments→

All CMMC Families

AC: Access Control AT: Awareness and Training AU: Audit and Accountability CM: Configuration Management IA: Identification and Authentication IR: Incident Response MA: Maintenance MP: Media Protection PS: Personnel Security PE: Physical Protection RA: Risk Assessment CA: Security Assessment SC: System and Communications Protection SI: System and Information Integrity

Need Help With Risk Assessment Controls?

Our CMMC-RP certified team has helped 2,500+ organizations implement these controls and pass assessments.

Schedule a Compliance Assessment