EPISODE · Apr 28, 2021 · 47 MIN

Using your ISO 9001 Management System to Simplify CMMC Certification

from The Virtual CISO Podcast · host John Verry

John Laffey, Program Manager at Perry Johnson Registrars, Inc., discusses the cornerstones of an information security management system from the perspective of a management system auditor.

- Context: the boundaries, the scope, the data, the people, the systems, and the stakeholders.
- Leadership: driving the entire process, continuing to champion it, and making sure resources are available.
- Planning: documented processes, risk assessment, and risk management (Change = risk).
- Support: budget, continuing training competencies, determining what the required competencies are, and then ensuring that those folks are meeting them.
- Operation: putting practices into action and verifying that you're doing what you say you do.
- Performance Evaluation: “It's kind of the day to day, month to month, year to year maintenance of ensuring that things are staying on the rails and that nothing is slipping.”
- Improvement: reaching expected, measurable outcomes and asking what can be improved in our organization.

Not only are these clauses valuable in terms of passing your audit, but they're valuable in terms of reducing your organization's risk. This podcast can help you understand how your current management system can benefit your CMMC efforts.

Check out these resources we mentioned during the podcast:

- John Laffey, Program Manager at Perry Johnson Registrars, Inc.
- Call our headquarters at 1-800-800-7910
- Email John directly at [email protected]
- PJR website

To ensure you never miss an episode, subscribe to the show on Apple Podcasts, Spotify, our website, or wherever you get your podcasts.

Listening on a desktop and can't see the links? Just search for [Virtual Ciso] in your favorite podcast player.
