This was a great opportunity for CNA to conduct a CMMC workshop with a CMMC expert, Kyle Lai, KLC Consulting. The workshop offers CMMC overview, and provides clarity of the process to becoming fully compliant. Insightful discussions with your team and valuable information.
There are 2 sections to the CMMC Workshop:
- Section 1 covers the CMMC overview, concepts, terminologies, the related federal rules, and Defense Federal Acquisition Regulation Supplements (DFARS) clauses. It gives the audience a fundamental understanding of Controlled Unclassified Information (CUI), existing requirements, and recommendations on what to do if the company needs more clarification on what CUI they are working on.
- Section 2 covers all phases of a typical journey of the CMMC certification. We will start discussing how to scope for CMMC accurately, self-assessing the required documentation such as system security plan (SSP) and Plan of Action and Milestones (POA&M), reporting the results of self-assessment to the DoD SPRS system, establishing an incident response plan, and how to engage a CMMC 3rd Party Assessment Organization (C3PAO) for the final evaluation and certification. We will also cover some common challenges companies are facing with recommended solutions. This section provides the practitioners with the knowledge to avoid common mistakes and develop practical approaches.