Lessons Learned from CMMC Joint Verification and Validation Assessments

Federal rulemaking on the Cybersecurity Maturity Model Certification (CMMC) 2.0 program is progressing, and the impact to government contractors will be significant. This session will equip participants with the knowledge and tools necessary to navigate the complexities of CMMC assessments and maintain compliance in their organizations.

Participants will gain an understanding of the current timeline for CMMC implementation and hear firsthand perspectives from Fernando Machado of Cybersec Investments, a Certified Third-Party Assessor Organization (C3PAO) involved in Joint Surveillance Voluntary Assessments (JSVA). He will share poignant and timely lessons learned from the JSVAs he has successfully completed with his clients as well as key preparation steps needed to complete prior to the assessment.  He will also discuss proactive scoping strategies that can  help facilitate a successful CMMC certification.

BDO’s CMMC Certified Practitioners/Assessor, Christina Reynolds and Stacy High Brinkley will highlight key considerations for defining the scoping environment, handling of Controlled Unclassified Information (CUI), FedRAMP Moderate equivalency for cloud services, what a Shared Responsibility Matrix is, and the potential certification requirements for External Service Providers (ESPs) post-rulemaking. 

Related Events

• 

  Unlocking the Power of AI Chatbots In Tax and Accounting

  September 17 @ 2:00 pm – 3:00 pm EDT
• 

  AI: The Gamechanger Webcast Series: Leveraging Copilot and Fabric for Organizational Efficiency

  September 18 @ 1:00 pm – 2:00 pm EDT
• 

  Demystifying AI: Unlock Transformative Potential With Responsible AI Adoption

  September 19 @ 2:00 pm – 3:00 pm EDT