New Year Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

While conducting a CMMC Level 2 Third-Party Assessment of a small defense contractor, an assessor...

Cyber AB CMMC-CCA Full Course Access
Cyber AB CMMC-CCA View All Questions

While conducting a CMMC Level 2 Third-Party Assessment of a small defense contractor, an assessor discovers that the contractor’s Information Security Policy has no documented change records demonstrating executive approval. The IT director states that they will add change records in the future, but that other evidence exists. Which documentation is MOST able to demonstrate persistent and habitual adherence to CMMC requirements?

A.

Handwritten notes from executive committee meetings discussing implementation

B.

Several years’ worth of saved emails from the executive team approving policies and directing adherence

C.

A notarized letter from the previous CEO stating that they approved information security policies annually

D.

Transcribed interviews with new employees discussing their understanding of information security policies

CMMC-CCA PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now CMMC-CCA pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
While scoping the assessment, the assessor learns that the OSC uses various cloud-based solutions sporadically...
The OSC’s network consists of a single unmanaged switch that connects all devices, including OT...
Previous