What are peoples thoughts on the 800-171 Microsoft Purview Compliance Assessment
In the past couple months I've become the sole IT guy at a small engineering firm, and my bosses prime contractor is requiring level 2 CMMC for continued work. I previously did electromechanical assembly for him, but I'm in school for networking.Right now we're just a three man operation, including me.
So far i've been utilizing the official NIST publications and assesment documents such as this https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171Ar3.pdf to guide my approach to bringing us into compliance.
I've recently found out about the purview compliance assessment and I've been finding it incredibly helpful. Was just wondering what you professionals think about a small bussiness using this as evidence for an audit along with the rest of my documentation?
Any other helpful insights y'all might have is greatly appreciated <3
