The ISACA Central Maryland Chapter invite you to our annual joint training holiday event on Tuesday, February 14, 2023. ISACA Members, AGA Members, cyberaudit, assurance, Cybersecurity Nexus (CSX), risk management, governance, and internal control professionals and practitioners new to the field and those with years of experience will benefit from this event. The training event offers an opportunity to expand your network and build onto your knowledge and skills. After registration, you will receive the Zoom registration email. See Zoom Instructions below for further information.
Note: This training earns up to 3 CPEs if attended for duration.
Topic: So, You Think You're Ready for a CMMC L2 Assessment?
Speakers: Joy Beland, Amira Armond
There are many different versions of “ready” when it comes to CMMC Level 2 Assessments by a C3PAO. Depending on the guidance you have received from an RP, PA, CCP Candidate, internal SME, external consultant, or just being self-taught, how ready you think you are vs. how ready you REALLY are can be a moving target.
In this workshop we will use the following readiness components as your guidepost on the CMMC Readiness journey. We will provide a workbook with guidance in each segment, as we help you answer:
We promise you a high knowledge value session.
- Can you defend the scope you have presented with documentation of where CUI is stored and transmitted in your network? Will your boundaries stand up to the assessor’s criteria?
- If you use an External Service Provider like a MSP (Managed Service Provider) or MSSP (Managed Security Service Provider), do they know what evidence they need to bring to the assessment? Are you defining their role in a way that the assessor will accept?
- If you use Cloud Service Providers to store, process or transmit CUI, do you have the right “Body of Evidence” available for review?
- What are the three proofs showing that you are using FIPS 140-2 validated modules correctly?
- Are there tips for assessment preparation so that your team shows competence and doesn’t say the wrong thing?
- If the assessment team sends one or more assessors onsite, what are common mistakes that they will look for?
- Is there a way to format your POA&M to show “Enhancements” that will not indicate a failure on any CMMC Level 2 practices?
12:30 – 1:00 Registrants and speakers enter zoom meeting for networking time
1:00 - 4:00 Presentation
We will break for 10 minutes on each hour
4:00 – 4:15 zoom will still be active for more possible networking chat window time
Earn 3 CPEs toward your CISM, CISA, or other certification (CPE credits are based on 50 minute increments)
Full-time Students $15.00
(*Members Price is for all ISACA, IIA, ISSA, AGA, and CFE members)
• Pay by credit card