Back to Control Explorer



Control Acronym



Situational Awareness

CMMC Level


800-171 Control #


CMMC Description

Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.

CMMC Clarification

To enhance situational awareness activities within the organization, leverage external sources for cybersecurity threat information. Establish a relationship with external organizations, or periodically survey relevant sources, to ensure you are receiving up-todate threat intelligence information pertinent to your organization. Examples of sources include: US-CERT, various critical infrastructure sector ISACs, ICS-CERT, industry associations, vendors, and federal briefings. Threat information is reviewed and, if applicable to your organization, communicated to the appropriate stakeholders for action. Example You are in charge of IT operations for your company. Part of your role is to ensure you are aware of up-to-date cyber threat intelligence information so you can properly perform risk assessments and vulnerability analyses. To do this, you join a defense sector ISAC, and signup for alerts from US-CERT. You use information you receive from these external entities to update your threat profiles, vulnerability scans, and risk assessments. Also, you use these sources to gather best practices for informing your employees of potential threats and disseminate the information throughout your organization to the appropriate stakeholders.

800-171 Description

800-171 Discussion


Other Source Discussion

CMMC Establish relationships with external organizations to gather cyber threat intelligence information. Cyber threat information from external sources should inform situational awareness activities within the organization. Relevant external threat information is communicated to stakeholders within the organization for appropriate action if needed.

CIS Control References

NIST 800-53 Control Ref.

NIST SP 800-53 Rev 4 PM-16

CMMC Derived


NIST CSF Control References

NIST 800-171 References

Applicable FAR Clause

NIST CSF Control Reference


CERT RMM Reference

Modification of NIST 800-171B Reference

NIST 800-171B Reference

UK NCSCCyber Reference

AS ACSC Reference


Assessment Sub-Criteria 1

SA.3.169.[a] the organization identifies cyber threat intelligence from information sharing forums and sources;

Assessment Sub-Criteria 2

SA.3.169.[b] the organization responds to cyber threat intelligence from information sharing forums and sources; and

Assessment Sub-Criteria 3

SA.3.169.[c] the organization communicates this information to appropriate stakeholders.

Assessment Sub-Criteria 4

Assessment Sub-Criteria 5

Assessment Sub-Criteria 6

Assessment Sub-Criteria 7

Assessment Sub-Criteria 8

Assessment Sub-Criteria 9

Assessment Sub-Criteria 10

Assessment Sub-Criteria 11

Assessment Sub-Criteria 12

Assessment Sub-Criteria 13

Assessment Sub-Criteria 14

Assessment Sub-Criteria 15