Every two minutes Pyrenth checks each control against the running application and updates the list below. No patient health information appears here. The real evidence files a third party assessor reviews sit behind the assessor sign in.
| Control | Framework | Status | Detail |
|---|---|---|---|
| DFARS-7012-A | DFARS-7012 | Pass | NIST 800-171 score 110/110 (>=90 considered adequate) |
| DFARS-7012-CSP | DFARS-7012 | Pass | Cloud provider FedRAMP Moderate or higher (aws-govcloud) |
| DFARS-7012-K | DFARS-7012 | Pass | DFARS 7012 flow-down language included in subcontractor MSA template |
| DFARS-7012-D | DFARS-7012 | Pass | DFARS 7012(d) malicious software submission runbook present at docs/incident-response/dfars-7012-runbook.md; Sentry plus auditLogger preserve artifacts for DC3 submission |
| DFARS-7012-G | DFARS-7012 | Pass | Audit log retention 2555 days (>= 1095 NIST AU-11 floor) supports DFARS 7012(g) retrospective damage assessment |
| DFARS-7012-C | DFARS-7012 | Not applicable | DIBNet registration is a Tier 4 pre-award dependency available only to active DoD contract holders. FEDERAL_PRE_AWARD_DEFERRAL=true marks this Not Applicable until Pyrenth lands a DoD task order or subcontract. Will activate after award. |