Skip to content

CMMC Level 1 control mapping (17 practices) #4

Open
Open
CMMC Level 1 control mapping (17 practices)#4
Labels
complianceCompliance frameworkenhancementNew feature or request
@rudymartinezai

Description

@rudymartinezai
rudymartinezai
opened on Feb 23, 2026

Goal

Add CMMC Level 1 compliance framework to the scanner.

Depends on

  • Multi-framework engine (plugin architecture)
  • Control mapping YAML

New checks needed

  • AC.1.001 — Limit system access to authorized users
  • AC.1.002 — Limit system access to authorized transaction types
  • IA.1.076 — Identify and authenticate system users
  • MP.1.118 — Sanitize or destroy media before disposal

Acceptance Criteria

  • klustershield scan --framework cmmc-l1 works
  • Report shows CMMC practice IDs alongside NIST controls
  • All 17 L1 practices covered

Metadata

Metadata

Assignees

No one assigned

    Labels

    complianceCompliance frameworkenhancementNew feature or request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions