This interview with Regan Edens (CMMC-AB Chairman of the Standards Management Committee) clarifies clouds and CMMC, FedRAMP, and DFARS questions for Organizations Seeking Certification (OSCs)
Author: Amira Armond
CMMC Level 3 Assessment Guide Webinar and Review
The CMMC Level 3 Assessment Guide is published! Video about how to read and use it. Critical review of the guide by Amira Armond.
CMMC-AB Jeff Dalton Interview #2 – C3PAOs, CAs, Instructors, Ethics
Second interview with Jeff Dalton (CMMC-AB) and Amira Armond (CMMCAudit.org) on the topics of C3PAOs, CAs, Instructors, and Ethics
Registered Practitioner Home
CMMC Registered Practitioner is abbreviated “CMMC RP”. The CMMC RP is a person who pays $500 a year to the Cyber-AB to be advertised as someone who can help companies prepare for the CMMC. Here are the benefits of working with a CMMC Registered Practitioner: That is it. Notice I didn’t say anything about cybersecurity…
CMMC Level 1 Assessment Guide and Review
Video explanation from the authors of the CMMC Level 1 Assessment Guide (CMU-SE), and review by CMMCaudit.org
CMMC RM.2.142 Scan for vulnerabilities in organizational systems
This article is an in-depth review of the CMMC Level 2 Requirement RM.2.142 on the topic of vulnerability scanning. I break out frequently asked questions and reference other requirements that are related to vulnerability scanning. This requirement also applies to current DFARS 252.204-7012 and NIST SP 800-171 organizations that hold CUI
Answers about C3PAOs, Assessors, and other CMMC Professional questions
Jeff Dalton from the CMMC Accreditation Body Board of Directors was kind enough to provide answers to my burning questions about…
Webinar on CMMC Level 1 by the Software Engineering Institute (CMU)
This webinar is a great resource for organizations no matter what CMMC level you expect to need. It is released by Carnegie Mellon University’s Software Engineering Institute. This is the organization that helped the DoD develop the original CMMC model. Their recommendations are very authoritative. Here are the resources that SEI recommends: DIB Cybersecurity program: …
CMMC News Rollup November 19 2020
Hello all, Lots of different topics in this news article. I hope they help you! – Amira Armond Registered Practitioners and RPOs are official! The CMMC-AB started releasing badges to Registered Practitioners on November 17th. If you are a Registered Practitioner candidate that has 1) finished the background check. 2) finished the training. 3) signed…
Where is the Easy Button for CMMC? Why MSPs may be the solution.
CMMC and DFARS compliance is too expensive for small businesses. This article describes “easy button” solutions such as a CMMC MSP, using …
CMMC News Rollup – October 25, 2020
Hello all, Here are the latest third party articles and topics regarding CMMC, DFARS, and NIST 800-171 compliance. Best of luck in your compliance journey! – Amira DFARS 7012, 7019, 7020 DoD Self Assessments Due This list has some ‘dumb’ questions and some ‘smart’ questions, based on my conversations with contractors in the last…
CMMC Basics – the Full Details
In-depth article about CMMC basics such as where it came from, what purpose it is trying to achieve, timeframe for rollout, and…
Address 19 CMMC Practices with Cybersecurity Training
This article gives advice on how a quality cyber-awareness training program helps your organization meet 19+ CMMC practice requirements
CMMC ML.2.999 Developing an effective CMMC Policy
This webinar is published by Carnegie Mellon University’s Software Engineering Institute (SEI) – the co-authors of the CMMC Model. Their guidance about the CMMC should be considered authoritative. At CMMC level 2 and above, organizations are expected to have policies supporting their security program. Here are my notes from the webinar. Policies are a way…
Introducing the CMMC Kill Chain – Zero to full compliance
Author: Tom Cornelius | Senior Partner at ComplianceForge | Founder & Contributor at Secure Controls Framework (SCF) Originally published on LinkedIn on October 19, 2020 The concept of creating a “CMMC Kill Chain” started off as a bit of a dare… kind of a “Here! Hold my coffee!” moment among a small group of CMMC practitioners to…
CMMC Level 4 – Discussion on Process Maturity – ML.4.996
This video from Carnegie Mellon Software Engineering Institute (co-authors of the CMMC Model) discusses CMMC Level 4 Maturity. The specific topic is CMMC requirement ML.4.996 “Review and measure [DOMAIN NAME] activities for effectiveness” SEI Blog: https://insights.sei.cmu.edu/sei_blog/cybersecurity-maturity-model-certification-cmmc/
NIST SP 800-171 Discussion for CMMC
Why is there a page for NIST SP 800-171 on a CMMC website? The NIST standard, as described in a document named “NIST Special Publication 800-171”, is a set of 110 security best practices that are CURRENTLY required for all DoD contractors that deal with Controlled Unclassified Information. You can tell if your contract requires…