As a former gov industry assessor, I found David Gray's CCP course to be very valuable and sufficient preparation for the assessment. I plan to take the CCA next month to cover the level 2 portion of the assessment.

Axion’s transparency is eye opening and refreshing. I’m excited to hear the great news that Axiom is CMMC Level 2 certified. Keep up on climbing!

Thanks for doing this. Excellent discussion!

Great quick update, thanks guys!

Rodriguez Donna Smith Laura Johnson Mary

looking forward to that example podcast

there are such wonderful chunks about scoping in here that I need to listen to it like three more times while I’m not at the gym😂

Love this because theirs so many acronyms, still learning them personally. RMF/ATO???/c3pao/3pao/cmmc/fedramp/ lmnop!!! now I know my abc’s 😂😂

fantastic questions and fantastic answers. I believe that no matter how you cut the mustard whoever the MSP or the MSP is will have to be level two because we have access and the keys to the castle. Treated differently maybe a little because we don’t carry CUI . So maybe some of the things should be tweaked just because we’re literally never going to handle the CUI within emails our own SharePoint so I wanted it so forth. However, we’re gonna be deeply embedded so it’s gonna be interesting. How this turns out that’s for sure.

great info you guys! Comparing ccp and cca and understanding the advantages, very key info

another great video from Bobby, just goes to show you too. How much is up in the air that we all really don’t know quite yet and two years from now when people are reading this comment they will know what we don’t.

Congrats you guys!!!

Great first season ! Thanks again for all the good knowledge drops in these everyone who does these

Great episode you guys love your points about how the stickiness for the MSP is going to be greater

I had some thoughts before like, their needs to be a kids version of cmmc. Like a children’s book on cmmc. Free book idea yall haha

Scan results and audit data within threat management is considered in scope. This is kind of huge because it makes it so that you cannot go to a cloud provider that is not fed ramped. Am I right on this?

for discussion about threat management and patch management and how they eb and flow together, it’ll be cool when things become a lot more clear after msp’s start passing level 2 glad to hear that Bobby is almost there , it would be great if he was the first

Here is a great video by Jacob Horn m.kzbin.info/www/bejne/pJi8hJSFasuaa7s I’m not a fan of CIRCIA because it puts the burden to report multiple times instead of forcing the government to collaborate between themselves. This is being lead by CISA because they want to know more about breaches but what they should be doing is mandating each government agency to report to them. So we would report to DiBnet and then DoD would report to CISA but as it stands the proposed rule would make us report twice. Once to DoD and second to CISA. Yuk!!

Cirque C? What is that? It is the first time I’ve heard of this term. Please expand on that one.

The talk about secuirty training , wth!!! Soo brilliant. How does this video have less the 30 views. Its like a secret restaurant. The best av is in between the chair and computer????? Brilliance I saw these guys and got first like! How??

At this moment, this video has 42 views. To me this is kind of insane. I bet you if you go to all seven marketing guru MSP KZbin channels you’ll see thousands of views. This video which is insanely awesome and as a prediction when these things start to kick in, we’ll have thousands of views. Between the conversations about SSP’s and tabletop exercises and all the other gems in this video. MSP’s are truly missing out, but I have a feeling not for long. Bobby and Matt, thank you so much for these pearls of wisdom you have bestowed on KZbin

what a strong team of people and great information. there’s a lot of meat in this episode and I usually watch KZbin videos at 1.5 speed, but I had to slow this down to normal speed. You know it’s a good video when that happens. 😅

Thank you very much for this information. I would love to see CMMC requirements presented more clearly and concisely in one location, making them straightforward and to the point. As someone preparing my company for CMMC compliance, I face significant challenges because management is skeptical. They don't believe the requirements are imminent and assume any repercussions will be minor. I appreciate your honest opinions and insights into the costs, resources, impact, and time involved in your CMMC journey. Looking forward to more from this miniseries!

Mark clearly knows CMMC and GRC.👌🏾

Cheering us all on to the top of this cmmc mountain!

The information shared during interview was incredibly helpful.

Insightful interview!👌🏾

Great podcast, love listening and learning. You all rock!

Very Helpful, thank you to all the Interviewers, answer providers, and commenters. I think the sales angle for MSP and MSSPs is missing, and that will most likely unveil itself after a lot of this is hammered out. The early bird gets the worm !!

Bobby, great start on digging into the new rule. So many concerns. You chose the right experts to discuss the situation. ESPs and Cloud Providers MUST start NOW to get ready. Time is relatively short; the task is very big!

FedRAMP deals with "major change" in the system with a very methodical, if still lacking, process. I feel the CMMC process for this piece should borrow from FedRAMP.