FAR 52.204-21 and CMMC 2.0

Documentation & Training

Professional Documentation Development

Security Documentation Is a Critical Part of Compliance

Cyberfox works with clients to develop Professional Documentation such as these:

  • Security Policy
  • Security Procedures
  • Recovery Plans
  • Regulatory Security Documentation
  • Other Security Documentation
  • System Security Plan (SSP)
  • Plan of Actions & Milestones (POA&M)
  • Strategic Implementation Plans

Many regulatory agencies require firms to have documentation detailing how they meet standards.

Cyber Security Awareness Training


Our FAR 52.204-21 and CMMC 2.0 Training is designed to help small DIB contractors understand what is really expected of them and what options are available to become compliant with the least impact to their operations and bottomline.  The training is single-client based, one-on-one with unlimited opportunities to ask questions.   

We also provide employee training services that focus specifically on training your employees to identify and react to basic computer security threats. These classes revolve around Cybersecurity Awareness and cover topics such as suspicious emails, abnormal system activities, best practices. We offer more in-depth training for your IT staff.

Class sessions typically run 1-2 hours, depending on your preferences and needs. This is something that should be done annually in order to keep up on the latest security threats and trends. We require a minimum of five students for our classes.