Hi everyone,

I wanted to share an open-source project I’ve been working on that I hope will benefit the DIB community. It’s a Power BI tool designed to help organizations manage CMMC compliance and security control assessments.

The tool allows you to combine multiple Excel-based assessments into a single scope, making it useful for managing security controls across multiple facilities, computer groups, or any other people, process, or technology assets within a CUI enclave. It also includes a POA&M template integrated with the main assessment dashboard, featuring drill-through capabilities.

The dashboards offer core GRC features like tracking assessments, linking controls to evidence and owners, and monitoring POA&M status and updates. Since most organizations already use Microsoft 365, the Power BI Service is easy to add, with a free trial available or it can be run locally with Power BI Desktop.

The project is available as an open-source resource, and I’d love feedback from the community or collaboration on additional features. I’m also working on related projects like a Risk-Based Vulnerability Prioritization app and a MITRE ATT&CK assessment template.

If you’d like to check out the project, here’s the GitHub repository, where I’ve also included setup instructions and a Demo. Please let me know if you have any questions or suggestions, I’m happy to help where I can.

https://preview.redd.it/m4akhdwqi4ae1.png?width=1408&format=png&auto=webp&s=7ad64484f7fab932924fe0c67b0a3c4dc600f7f6