The QT9 Q-Cast #3 | Navigating CMMC: Self Assessment to Certification
Is your prime saying they can’t award the PO until your CMMC status shows in SPRS? In this QT9 Q-Cast episode, host Christian Reyes interviews Rhia Dancel (Senior Manager of Information Security at NSF, a C3PAO) to demystify CMMC compliance—who needs it, how Levels 1–3 map to NIST SP 800-171/172, and exactly what assessors expect.

What you’ll learn
• CMMC Levels 1, 2, and 3 explained: what protects FCI vs CUI, and how verified assessments replaced self-attestation across 320 assessment objectives.
• Who needs CMMC (primes and all tiers of subcontractors handling FCI/CUI) and how requirements flow down—plus where COTS fits.
• Where CMMC appears in contracts (32 CFR program rule; 48 CFR clauses) and the rollout toward November 2028.
• The “minimum viable evidence” package for Level 2: SSP, network diagram, and asset inventory—and why consistency matters in Phase 1 scoping.
• How assessors score evidence (test, examine, document) and why technical evidence carries more weight.
• Cloud quick test for CUI: use providers that are FedRAMP Moderate or equivalent.
• Realistic Level 2 timeline (plan ~12 months from zero) and how a CUI enclave + control inheritance from FedRAMP solutions can accelerate readiness.
• Ongoing obligations: annual affirmation and 3-year recertification (it’s not one-and-done).

Guest: Rhia Dancel, NSF (C3PAO & certification body).
Host: Christian Reyes, QT9.

Chapters
00:00 Why your PO is gated by SPRS + CMMC’s purpose
01:06 Meet guest Rhia Dancel (NSF, C3PAO)
01:42 Why CMMC replaced self-attestation; 320 objectives
03:03 Verified assessments vs. self-assessments
03:21 Levels 1–3 overview (FCI vs. CUI; NIST 800-171/172)
04:14 CMMC as both security framework and contract gate
05:01 Who needs CMMC? Prime → sub flow-down
06:03 32 CFR program rule; 48 CFR clauses; rollout through Nov 2028
07:04 FCI vs. CUI (plain English examples)
08:30 COTS scope discussion
09:10 Do SaaS vendors need CMMC? (depends on CUI & flow-down)
10:18 Scoping Level 2: SSP, network diagram, asset inventory
10:54 C3PAO vs. consultant; mock assessments
11:21 What counts as evidence; why technical proof wins
12:09 Level 3 path (after Level 2 with C3PAO → DoD/DIBCAC)
12:49 FedRAMP Moderate / equivalent for cloud CUI
13:19 First 5 tasks to start (gap analysis → remediation → docs)
14:36 Minimum viable evidence (SSP + network + inventory)
15:21 When software vendors should pursue CMMC; scheduling realities
17:26 Level 1 as a trust signal; annual affirmation
18:40 How primes view vendors without CMMC in SPRS
19:23 Level 2 timeline; enclaves; control inheritance
22:16 Where to find NSF (Cyber AB Marketplace) & wrap-up

Resources mentioned
• NSF - https://www.nsf.org/
• Rhia Dancel NSF - https://www.nsf.org/experts/rhia-dancel
• Rhia Dancel LinkedIn - / rhia-d-101bb8157
• Cyber AB Marketplace - https://cyberab.org/
• FedRAMP Marketplace - https://marketplace.fedramp.gov/products

Disclaimer
This episode shares general information—not legal advice. Always verify requirements in your specific solicitations and contracts.

Visit QT9Software.com to find out more!