CMMC Scoping for Level 2

This video is provided by Amira Armond and Jil Wright (CMMC Provisional Assessors and Provisional Instructors) from Kieri Solutions, an Authorized C3PAO. Topics discussed in the video are: This content is way more than the CCP course blueprint covers and more in-depth than what is Read More

CMMC Scoping for Level 1

This video is provided by Amira Armond and Jil Wright (CMMC Provisional Assessors and Provisional Instructors) from Kieri Solutions, an Authorized C3PAO. Topics included are: Enjoy, and don’t forget to subscribe to our YouTube channel for lots of other CMMC Read More

3.6.3 Test the Organizational Incident Response Capability

This was originally posted on LinkedIn. Check the original post and community discussion here! On to the next requirement! 3.6.3 ๐“๐ž๐ฌ๐ญ ๐ญ๐ก๐ž ๐จ๐ซ๐ ๐š๐ง๐ข๐ณ๐š๐ญ๐ข๐จ๐ง๐š๐ฅ ๐ข๐ง๐œ๐ข๐๐ž๐ง๐ญ ๐ซ๐ž๐ฌ๐ฉ๐จ๐ง๐ฌ๐ž ๐œ๐š๐ฉ๐š๐›๐ข๐ฅ๐ข๐ญ๐ฒ. This is post #5 in my series analyzing the top ten failed / misunderstood Read More

3.4.1 Establish / Maintain Baseline Configurations

This series reviews the top failed (misunderstood) 800-171 andย CMMCย requirements. Originally posted on LinkedIn – check the start of series here for community conversation and thoughts! 3.4.1 ๐„๐ฌ๐ญ๐š๐›๐ฅ๐ข๐ฌ๐ก/๐ฆ๐š๐ข๐ง๐ญ๐š๐ข๐ง ๐›๐š๐ฌ๐ž๐ฅ๐ข๐ง๐ž ๐œ๐จ๐ง๐Ÿ๐ข๐ ๐ฎ๐ซ๐š๐ญ๐ข๐จ๐ง๐ฌ This one is both commonly misunderstood and difficult to implement, even though Read More

Excuses that won’t work for your CMMC assessment

Public Safety Announcement forย #CMMCย and DIBCAC assessments of 800-171 compliance. “My _________ is scheduled to occur in January and we haven’t reached January yet.” – said too many Organizations Seeking Certification Do not try to use this excuse to explain why Read More

Top 10 “Other than satisfied” 800-171 requirements

At Cloud Security and Compliance Series – CS2 Huntsville, Nick Delrosso’s presentation included the “Top 10 Other Than Satisfied Requirements”. Nick Delrosso represents the DCMA’s Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) which has been performing cybersecurity assessments on contractors for the Read More

Lessons learned from two (three?) DIBCAC assessments

On behalf of CMMCAudit.org, I’m excited to share this interview withย Jake Williamsย about his lessons learned from two DIBCAC assessments of DFARS 252.204-7012 and NIST SP 800-171 compliance. This video is packed with actionable information about what to expect during assessments. Read More

Trends in 800-171 reporting and SPRS scores

Author: Amira Armond, the president of Kieri Solutions – an authorized CMMC Third Party Assessment Organization (C3PAO) providing CMMC assessments, CMMC consulting, and Compliance Documentation packages designed for small/medium business. This graphic depicts my personal experience talking with defense contractors Read More

DFARS 252.204-7012 – Part 1, CDI and Covered Info Systems

A guided review of DFARS 252.204-7012 covering the topics: What is a covered contractor information system? What is Covered Defense Information?

CAICO and current state of CMMC training – Ben Tchoubineh (CMMC-AB)

This Q&A session with Ben Tchoubineh (CMMC-AB Chair, Training Committee) delves deeply into the CAICO and current state of CMMC training