After months of stagnation, things are starting to ramp up around CMMC. Recently, the industry has received updates on voluntary assessments, interim rulemaking and early indications of when we might see CMMC in contracts.

C3’s President Bill Wootton talks with Christina Reynolds, BDO’s Director of Industry Specialty Services and CMMC compliance SME, about the latest developments from the Cyber AB, DoD leaders and the CMMC rule itself, plus their outlook over the next 6-12 months. They discuss:

  • Latest updates on CMMC including voluntary assessments, interim and final rule making and CMMC requirements within contracts
  • What are voluntary assessments, and why volunteer?
  • When is CUI not CUI? NARA and clarity on SP-PROPIN.
  • Near-term versus far-term strategy to meet compliance
  • How long does it take to get compliant?
  • What is a Systems Security Plan and what should we put into it?  Why is a POAM important?

Download the slide deck here.

See answers to follow up questions and a list of additional resources here.

Bill Wootton is the Founder and President of C3 Integrated Solutions, a full-service IT provider based in Arlington, VA that specializes in securing our nation’s Defense Industrial Base through cloud-based solutions and industry leading partners. Bill is passionate about bringing cyber-awareness, and cyber-maturity to the nation’s Defense Industrial Base, working with clients to help them achieve CMMC and NIST 800-171 compliance by providing MSP, security and Office 365 integration services.

Christina Reynolds
Director of Industry Specialty Services at BDO

Christina Reynolds is a CMMC RP with 22 years of specialization in cybersecurity and information assurance policy, including application and guidance for DoD contractors in support of CMMC, DFARS 252.204-7012 and NIST 800-171 and other industry-mandated cybersecurity regulations. Christina has served as a senior systems engineer and ISSO supporting multiple DoD BMDS programs under US Army, US Navy/NAVWAR, and MDA programs, as well as more than 150 commercial IT and cyber customers.

3:31 pm
Call Us: (571) 384-7950