- This event has passed.
Lessons Learned from CMMC Joint Verification and Validation Assessments
September 18 @ 12:00 pm – 1:00 pm EDT
Federal rulemaking on the Cybersecurity Maturity Model Certification (CMMC) 2.0 program is progressing, and the impact to government contractors will be significant. This session will equip participants with the knowledge and tools necessary to navigate the complexities of CMMC assessments and maintain compliance in their organizations.
Participants will gain an understanding of the current timeline for CMMC implementation and hear firsthand perspectives from Fernando Machado of Cybersec Investments, a Certified Third-Party Assessor Organization (C3PAO) involved in Joint Surveillance Voluntary Assessments (JSVA). He will share poignant and timely lessons learned from the JSVAs he has successfully completed with his clients as well as key preparation steps needed to complete prior to the assessment. He will also discuss proactive scoping strategies that can help facilitate a successful CMMC certification.
BDO’s CMMC Certified Practitioners/Assessor, Christina Reynolds and Stacy High Brinkley will highlight key considerations for defining the scoping environment, handling of Controlled Unclassified Information (CUI), FedRAMP Moderate equivalency for cloud services, what a Shared Responsibility Matrix is, and the potential certification requirements for External Service Providers (ESPs) post-rulemaking.