Cyber Security Committee

The Cyber Security Committee is comprised of CIOs and other cybersecurity executives from AIA’s member companies, and is responsible for developing and promoting cybersecurity policy objectives to meet government and industry information protection requirements. The CSC engages with DOD’s Chief Information Officer (CIO), Defense Pricing and Contracting (DPC), the Defense Contract Management Agency (DCMA), the Cybersecurity Maturity Model Certification (CMMC) program office, the CMMC Accreditation Body (CMMC-AB), and the Office of the Under Secretary of Defense for Research & Engineering (USD/R&E).

Items of Interest


Industry Resources

1)  2017 AIA Member Survey:  Cybersecurity Survey Results

2)  NIST Compliance Presentation:  Compliance through Development Security Operations (DevSecOps)

3)  Sep 2017 SMC Presentation:  DFARS How-To (Exostar and Accenture)

4)  FAR to DFARS:  Categorization of NIST SP 800-171 R1 Controls

5)  AIA National Aerospace Standard (NAS) 9933:  Overview

6)  AIA National Aerospace Standard (NAS) 9933:  Link to AIA Standards Store

7)  DIB SCC Cyber AssistWebsite

8)  Project Spectrum:  Website 

9) Cybersecurity Maturity Model Certification:  Accreditation Body (AB)


Federal Government Resources

1)  Cybersecurity Maturity Model Certification (CMMC)

2)  DOD DIB Cybersecurity Program

3)  DOD Procurement Toolbox

4)  DFARS FAQ:  Frequently Asked Questions (FAQs)


a) 252.204-7012 – Safeguarding CDI and Cyber Incident Reporting

b) 252.204-7019 – Notice of NIST SP 800-171 DoD Assessment Requirements

i) NIST SP 800-171 DoD Assessment Methodology

c) 252.204-7020 – NIST SP 800-171 DoD Assessment Requirements

6)  23 June 2017 DFARS CUI/CDI Industry Information Day:  Slides  / Video

7)  NARA:  Controlled Unclassified Information (CUI) Registry

8)  NIST:  Consult with your local NIST Manufacturing Extension Partnership (MEP) Center

9)  NIST:  Cybersecurity Standard:  NIST SP 800-171 R1

10)  NIST:  Cybersecurity Standard Assessment Guide:  NIST SP 800-171A


Tools and Templates

1)  DHS:  Cybersecurity Evaluation Tool

2)  NIST SSP Standard:  NIST SP 800-18 (Sample SSP template at Appendix A)

3)  NIST CUI Templates:  SSP / Plan of Action (POA&M)

4)  SSP Template

5)  Federal Risk and Authorization Management Program (FedRamp)

a)  Moderate Baseline SSP Template 

b)  Other SSP Templates and more

6)  Plan of Action and Milstones:  Simple Excel POA&M Template

AIA Contact:

Jason Timm

Director, Defense Policy & Integration

Sectors with this issue