Top 10 “Other than satisfied” 800-171 requirements

At Cloud Security and Compliance Series – CS2 Huntsville, Nick Delrosso’s presentation included the “Top 10 Other Than Satisfied Requirements”. Nick Delrosso represents the DCMA’s Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) which has been performing cybersecurity assessments on contractors for the Read More

Lessons learned from two (three?) DIBCAC assessments

On behalf of CMMCAudit.org, I’m excited to share this interview with Jake Williams about his lessons learned from two DIBCAC assessments of DFARS 252.204-7012 and NIST SP 800-171 compliance. This video is packed with actionable information about what to expect during assessments. Read More

Policy templates and tools for CMMC and 800-171

This page has links and reviews of available templates and tools relating to the CMMC and NIST SP 800-171 **Updated December 16, 2022** Please help others in the community by leaving a comment with resource links! Defense Industrial Base Cybersecurity Read More

DFARS 252.204-7012 – Part 1, CDI and Covered Info Systems

A guided review of DFARS 252.204-7012 covering the topics: What is a covered contractor information system? What is Covered Defense Information?

CAICO and current state of CMMC training – Ben Tchoubineh (CMMC-AB)

This Q&A session with Ben Tchoubineh (CMMC-AB Chair, Training Committee) delves deeply into the CAICO and current state of CMMC training

CMMC-AB Jeff Dalton – the CMMC Assessment Process – Part 1

Interview with Jeff Dalton (CMMC-AB) about CMMC assessments. Who is authorized to perform assessments? When should you do a pre-assessment? Can you fix issues found during an assessment?

CMMC-AB Regan Edens interview on DFARS, FedRAMP, and AB authority

This interview with Regan Edens (CMMC-AB Chairman of the Standards Management Committee) clarifies clouds and CMMC, FedRAMP, and DFARS questions for Organizations Seeking Certification (OSCs)

Introducing the CMMC Kill Chain – Zero to full compliance

Author: Tom Cornelius| Senior Partner at ComplianceForge | Founder & Contributor at Secure Controls Framework (SCF) Originally published on LinkedIn on October 19, 2020 The concept of creating a “CMMC Kill Chain” started off as a bit of a dare… kind Read More

Review of CMMC Registered Practitioner Training

This is a historical post from September 2020. Information on Registered Practitioners may have changed since then. You have been warned. I just finished the CMMC-AB’s Registered Practitioner training course. We aren’t allowed to reproduce the content, so you won’t Read More

CMMC Glossary, Terms, and Definitions. Who’s who in CMMC

As the CMMC ecosystem grows, it is starting to get hard to track all the key players and concepts. This page is meant as an easy to understand “who’s who” and “what’s what” for the CMMC. This CMMC glossary of Read More