The latest information about how to become a CMMC auditor or certifier. Registrations are open for assessors, C3PAOs, and CMMC practitioners…
This detailed analysis of the CMMC Scoping Guide for Level 2 is meant for educational purposes only. It discusses 12 common scenarios and gives recommendations for scoping.
The term authorized is used across 40 different assessment objectives in the CMMC. Do you know what it means? How do you show it?
The first CMMC Assessment Organization is “Approved!” But what does that mean, and why is that different from the rest of the C3PAOs?
A guided review of DFARS 252.204-7012 covering the topics: What is a covered contractor information system? What is Covered Defense Information?
How to video and training on what a System Security Plan is, what it is used for, and what a high quality one looks like!
This Q&A session with Ben Tchoubineh (CMMC-AB Chair, Training Committee) delves deeply into the CAICO and current state of CMMC training
This is Part 3 of our CMMC Assessment series with Jeff Dalton (the lead trainer of the CMMC Provisional Assessors). Q&A about assessments!
This page has links and reviews of available templates and tools relating to the CMMC and NIST SP 800-171 **Updated February 10, 2021** Please help others in the community by leaving a comment with resource links! Warning – Assessment / Read More
Interview with Jeff Dalton (CMMC-AB) about CMMC assessments. Who is authorized to perform assessments? When should you do a pre-assessment? Can you fix issues found during an assessment?
This page describes how to find the CMMC requirements, how to interpret them, and how to start preparing for an outside audit. It explains how to read the CMMC document and how your team or an auditor would check each Read More
This page is an index of LinkedIn discussions and posts about CMMC and 800-171. It will be updated over time with new topics.
This interview with Regan Edens (CMMC-AB Chairman of the Standards Management Committee) clarifies clouds and CMMC, FedRAMP, and DFARS questions for Organizations Seeking Certification (OSCs)
The CMMC Level 3 Assessment Guide is published! Video about how to read and use it. Critical review of the guide by Amira Armond.
Second interview with Jeff Dalton (CMMC-AB) and Amira Armond (CMMCAudit.org) on the topics of C3PAOs, CAs, Instructors, and Ethics
CMMC Registered Practitioner is abbreviated “CMMC RP” The CMMC RP is a person who specializes in helping companies prepare for the CMMC. The CMMC-AB website is the official source of information about the Registered Practitioner Program. CMMC-AB Registered Practitioner Page Read More
Video explanation from the authors of the CMMC Level 1 Assessment Guide (CMU-SE), and review by CMMCaudit.org
Jeff Dalton from the CMMC Accreditation Body Board of Directors was kind enough to provide answers to my burning questions about…
Author: Tom Cornelius| Senior Partner at ComplianceForge | Founder & Contributor at Secure Controls Framework (SCF) Originally published on LinkedIn on October 19, 2020 The concept of creating a “CMMC Kill Chain” started off as a bit of a dare… kind Read More
I just finished the CMMC-AB’s Registered Practitioner training course. We aren’t allowed to reproduce the content, so you won’t learn any secrets from me, but I can tell you about my experience. Thanks to James Newman (a colleague of mine, Read More
As the CMMC ecosystem grows, it is starting to get hard to track all the key players and concepts. This page is meant as an easy to understand “who’s who” and “what’s what” for the CMMC. This CMMC glossary of Read More