If you, or any of your any clients are Department of Defense (DoD) contractors or subcontractors, you'll want to join us for an up-to-the-minute update on the sweeping proposed changes to the Cybersecurity Maturity Module Certification (CMMC) requirements.
Leading CMMC expert Mike Semel has been following this saga from Day One, and will be on hand to deliver this briefing.
Responding to widespread complaints that the newly-implemented CMMC rules are too difficult and costly to administer, the DOD is now back-peddling and apparently moving forward with some important reforms to simplify the process. Among the expected changes are:
- Reduction of Maturity Levels from 5 to 3
- Elimination of additional CMMC controls that go beyond NIST 800-171
- Allowance of self-assessments for lower levels (without a C3PAO)
- Use of the POAM in lieu of completing assessments in some cases.
As part of this event, Mike Semel will go into more details about the proposed changes, talk about what you need to do in the interim to meet DoD contract requirements, and also be available for a live Q&A session with the audience.
Then, for those who are interested, we'll be showing a high-level overview demo of the CMMC Compliance Module built into Compliance Manager designed to generate evidence of compliance with the current and future CMMC requirements.
