DevOps
Communications & Media

Phase I: Compliance Assessment for Policy as Code Solution

In Phase I of this project, Trility helped a client pursue an automated Policy as Code solution for NIST 800-171 controls. Once controls were assessed and validated, Trility helped translate the controls into executable statements.

Problem Statement

This client needed to fully understand, implement, and become operational using NIST 800-171 in a planned, purposeful manner over the course of a year and well into the future. It was critical that areas of NIST 800-171 be validated by stakeholders for feedback and refactoring opportunities.

Solution Approach

This client received CMMC Version 1.02, Levels 1-3, translated from current language into technical oriented executable statements. It was also optimized for overlap, redundancy, and the opportunity to write software once and potentially address multiple controls as possible.

Outcomes

These executable statements were designed so they could be turned into code and allow for scalability and growth.

Project Attributes

  • Reduced Risk
  • Increased Scalability
  • Increased Capabilities
  • Increased Security
  • Documentation

Technologies Used

  • Artifactory
  • Jenkins
  • Kubernetes
  • AMQ
  • Eureka
  • Vault
  • Terraform
  • Packer