How the secret sauce is made – one practice, one hour

How does a defense contractor create a plan to perform each requirement in CMMC and NIST SP 800-171? Will you fail if you don’t write policy statements which regurgitate each requirement in a ‘shall” form? AKA “๐˜š๐˜ข๐˜ง๐˜ฆ๐˜จ๐˜ถ๐˜ข๐˜ณ๐˜ฅ๐˜ช๐˜ฏ๐˜จ ๐˜ฎ๐˜ฆ๐˜ข๐˜ด๐˜ถ๐˜ณ๐˜ฆ๐˜ด ๐˜ง๐˜ฐ๐˜ณ ๐˜Š๐˜œ๐˜ Read More

Joint Surveillance Assessment – what is it like?

This is an interview with Jose Rojas (TTC) and Ozzie Saeed (IntelliGRC) about their experience being assessed by Kieri Solutions, an Authorized C3PAO, as part of the Joint Surveillance Voluntary assessment program. Other than the obvious congratulations to both of Read More

What does “monitor” mean in CMMC?

Logan Therrien and Amira Armond from Kieri Solutions (an Authorized C3PAO) discuss the concept of monitoring and how it is evaluated by CMMC assessors. Several assessment objectives in CMMC Level 2 require monitoring. ๐Ÿ” the physical facility where organizational systems Read More

Podcast – increasing the likelihood of passing CMMC assessments

This podcast by Omnistruct features Amira Armond, John Riley, and George Usi. Recorded in May-June 2023. They discuss the basics of CMMC, the “hardest” requirement (FIPS of course), the aspects that contractors have the most difficulty with, and the status Read More

CAICO and current state of CMMC training – Ben Tchoubineh (CMMC-AB)

This Q&A session with Ben Tchoubineh (CMMC-AB Chair, Training Committee) delves deeply into the CAICO and current state of CMMC training

CMMC-AB Jeff Dalton – the CMMC Assessment Process – Part 1

Interview with Jeff Dalton (CMMC-AB) about CMMC assessments. Who is authorized to perform assessments? When should you do a pre-assessment? Can you fix issues found during an assessment?

CMMC-AB Regan Edens interview on DFARS, FedRAMP, and AB authority

This interview with Regan Edens (CMMC-AB Chairman of the Standards Management Committee) clarifies clouds and CMMC, FedRAMP, and DFARS questions for Organizations Seeking Certification (OSCs)