top of page

CMMC/NIST Policy ProBot

Both NIST 800-171 and the Capability Maturity Model Certification (CMMC) require organizations have a documented information security policy (or policies) and related procedures for each of the respective domains.  Up until the release of our Policy Professional Robot (ProBot) organizations were more or less "stuck" writing them from scratch or or forced to use Exostar's PolicyPro. Exostar's PolicyPro serves its purpose but it's comparatively slow and they maintain control over your documents.  We think that's kind of like holding your policies hostage.  And when Exostar PolicyPro is charging $999 per year it seems a bit unfair to organizations who just want a policy or policy set.