Question

CMMC Shared Responsibility Matrix

  • May 27, 2025
  • 10 replies
  • 500 views

We are in the middle of our CMMC / NIST 800-171 audit and they are requiring a shared responsibility matrix FROM Box.com. Is there somewhere to download this type of document? We are on the FedRAMP service but are having trouble finding any documentation on Box.com FedRAMP and responsibilities.

We have not talked with anyone on this issue.   We did also open a ticket but would love any feedback on this issue.

Mike


  • New Member
  • August 15, 2025

I am in the same boat; I need a client / shared responsibility matrix for an upcoming audit. Any help is appreciated.  


Rona Box
  • Community Manager
  • August 18, 2025

Hi ​@Tad S. 

Welcome to Box Community, and we’d love to help supply the document needed for your audit. 

Could you specify the type of document needed for your upcoming audit? In that regard, you can also head straight to box.com/trust and download the necessary document. 

 

Hope it helps, and please let us know if there’s anything else we can help you with. 


  • New Member
  • August 18, 2025

Hi, 

I am looking for the Shared responsibility matrix as it pertains to FedRAMP compliance / CMMC Level 2 certification. I can’t seem to locate it on Box.com. If you could point me in the right direction on the site, I’m happy to download it.


Rona Box
  • Community Manager
  • August 18, 2025

Hi ​@Tad S.

Thank you for responding! 

Please revisit the box.com/trust page then scroll down and click the FedRAMP.  

 

Please let us know if you have questions, 


  • New Member
  • August 19, 2025

Good day, this does not provide a shared responsibility matrix from Box.com.   The site only takes me to the government FedRAMP site and away from box.  

 

What I am looking for is a document from Box.com that outlines who has what responsibilities when it comes to CMMC (level 2) 


Rona Box
  • Community Manager
  • August 19, 2025

Hi ​@Tad S., Thank you for responding! 

To further assist you, I’ve submitted a new case and someone from Box Product Support team will reach out to you through email. Please keep an eye out and we will be in touch. 

 

Thanks for posting, and we hope to get this sorted very soon! 


  • New Member
  • June 4, 2026

Has any resolution to this been found? I am in the same boat and am currently searching for this document.


  • New Member
  • June 5, 2026

Have this same problem. I need the CRM/SRM.  It is required by law.

We are using Box for a CUI / CMMC Level 2 environment. Our CMMC Assessment process requires that we provide and reference the Customer / Shared Responsibility Matrix for Box from your FedRAMP certification.

 

This is mandated by the Code of Federal Regulations 32CFR170.17(c)(2)(iii) 

https://www.ecfr.gov/current/title-32/part-170#p-170.16(c)(2)(iii)

 


Jey Bueno Box
  • Community Manager
  • June 5, 2026

Hi ​@joshuaf and ​@tcam, welcome to the Box Community!


I believe the Shared Responsibility Matrix is provided under NDA. To initiate the process, please submit a ticket to our Product Support team so they can assist you with the document. If you are unable to sign in to Support to open a case, click here.


Thanks, and feel free to reach out if you have any other concerns.