News & Ramblings

CMMC – What We Know and What We Don’t

By Kathryn Daily, CISSP, CAP, RDRP So by now, I’m sure you’ve seen a ton of articles on the Cybersecurity Maturity Model Certification (CMMC) initiative. A lot of information has been released but there are still a lot of unknowns. What We Know We know that it’s mandatory for all contractors who wish to do…

Read post

Ask Dr. RMF!

Dear Dr. RMF, I work in an Army program and I feel like I am getting the hang of RMF, but when the heck do I schedule an independent assessment (SCA-V)? Show Me the SCA-V Dear Show Me the SCA-V, When determining when to schedule a SCA-V assessment you’ll want to take several things into…

Read post

CMMC Is Here!

By Kathryn Daily, CISSP, CAP, RDRP So, in the last edition of the newsletter I wrote about the need for verification of NIST 171 compliance from DoD contractors, suppliers and vendors who process controlled unclassified information (CUI). Well, the DoD sure delivered on that request. A mere days after the last article was published, DoD…

Read post

The Expanding Role of eMASS

By Lon J Berman, CISSP, RDRP The Enterprise Mission Assurance Support Service (eMASS) is a DoD system that serves as an information repository and workflow manager for the Risk Management Framework (RMF) process. The history of eMASS can be traced back to a project called Digital DITSCAP at the Defense Logistics Agency (DLA) in the…

Read post

Where to Find CISSP Practice Questions?

We constantly get asked “Where is the best place to find CISSP practice questions?” and “What sort of resources can you share with me to help me prepare for the CISSP?”  In an effort to consolidate all of the answers to these questions, we have put together this list of links.  As we find new…

Read post