CMMC 1.0 Practice CA.3.162 Requirement:

Employ a security assessment of enterprise software that has developed internally, for internal use, and that has been organizationally defined as an area of risk.

CMMC 1.0 CA.3.162 Requirement Explanation:

If your company has developed any software internally and uses it internally it needs to undergo a security assessment. The assessment can be completed by your employees or by a third party.

Example CMMC 1.0 CA.3.162 Implementation:

If your company has developed any software internally and uses it internally it needs to undergo a security assessment. The assessment can be completed by your employees or by a third party.

CMMC 1.0 CA.3.162 Scenario(s):

- Scenario 1:

Your company has several developers. One of your developers built a piece of software for the accounting department to help automate some of their tasks. Because the software is internally developed and used internally it must under go a security assessments. You task one of your developers to use the OWASP Code Review guide to assess internally developed software.
 

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:

/assets/images/app/complaince_accelerator.gif

Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Become Compliant
/assets/images/app/quantum_accelerator.gif

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Provide Services
/assets/images/app/supply_chain_verifier.gif

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.
Verify Subcontactors