Where to Begin on Your CMMC Compliance Journey

In this episode of Climbing Mount CMMC, Kaleigh Floyd and Kelly Hood discuss the essential steps for small businesses to navigate the complexities of CMMC compliance. They emphasize the importance of understanding the foundational reasons behind CMMC, the necessity of leadership involvement, and the identification of internal roles and responsibilities. The conversation also covers practical strategies for implementing NIST 800-171 controls, the significance of scoping, and tips for writing an effective System Security Plan (SSP). Throughout the discussion, they highlight the need for a cultural shift towards security and the importance of collaboration across departments.Kelly Hood's Linkedln: https://www.linkedin.com/in/kellyhoodoc/Optic Cyber Solutions: https://www.opticcyber.com/Optic's CMMC (L2) Progress Tracker: https://43828014.hs-sites.com/cmmc-l2-progress-trackerCAP: https://cs2.cloud/hubfs/CS2%202022/CS2%20DC/Resources/DRAFT%20CMMC%20Assessment%20Process%20(CAP)%20v1.0%20.pdfTimestamps: Intro 00:00 02:40The "Why" Behind NIST 800-171 02:41 07:35The Importance of Leadership Buy-In 07:36 10:39Defining Internal Roles 10:40 17:06Working Through Domain Controls 17:07 24:55Building Your SSP 24:56 31:29Take Scoping Seriously 31:30 39:04Write Something Down 39:05 41:15Closing Remarks 41:16 42:53Website: https://www.axiom.tech/YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQAxiom's Linkedln: https://www.linkedin.com/company/axiomtech/Bobby's Linkedln: https://www.linkedin.com/in/bobbyguerra/Kaleigh's Linkedln: https://www.linkedin.com/in/kaleigh-floyd-079a52190/