Microsoft CMMC Acceleration Program Update – January 2021

Srinivas Rautwar We can provide you access to our SSPs that are based on NIST SP 800-53 and include the Customer Responsibility Matrix.  Our customers going through DIBCAC and CMMC assessments will need these to establish Microsoft scope of responsibility and inheritance using reciprocity with FedRAMP.  As we roll out updates for documentation to align with the schema for CMMC, the SSP you mention will include customer statements for your SSP.  You can see this emerging already in the Product Placemat down at the bottom of the page with the "Practice Implementation Details".  We will have a refresh with much more detail coming this summer timeframe.  I do encourage you to look at the Placemat today and provide us with any feedback you have at https://aka.ms/cmmc/productplacematfeedback.