This week’s episode covers the Cyber AB’s recently released pre-decisional draft CMMC Assessment Process, an SBA final rule that implements new methods for evaluating expanded sources of small business past performance, a GSA OIG Alert about the Transactional Data Reporting rule, and Senate passage of an amended version of the Preventing Organizational Conflicts of Interest
CMMC
No Summer Break for Cyber: Newly Unveiled CMMC Assessment Process Provides Industry with Upcoming Assessment Insights





After much anticipation, the Cyber AB, formerly known as the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body, recently released its pre-decisional draft CMMC Assessment Process (CAP). The CAP describes the overarching procedures and guidance that CMMC Third-Party Assessment Organizations (C3PAOs) will use to assess entities seeking CMMC certification. The current version of the CAP applies to contractors requiring CMMC Level 2 certification, which will likely be most contractors handling Controlled Unclassified Information (CUI) based on the Department of Defense’s (DoD) provisional scoping guidance for CMMC 2.0.
Fastest 5 Minutes: CMMC, Bid Protests, NDAA


This week’s episode covers an update on the Cybersecurity Maturity Model Certification program, a GAO report on DHS’ controls to protect personally identifiable information, a Federal Circuit decision regarding prejudice in the bid protest context, and highlights from the National Defense Authorization Act for FY2022, and is hosted by Peter Eyre and Monica Sterling. Crowell …
Byte-Sized Q&A: What’s not in CMMC 2.0?


Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, hosts Evan Wolff and Kate Growley talk through some key elements that are no longer expected under CMMC 2.0.
Listen: Crowell.com | PodBean | SoundCloud | Apple Podcasts
Byte-Sized Q&A: What can we expect under CMMC 2.0?


Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, hosts Evan Wolff and Kate Growley talk through the fundamental changes that the DoD has announced will be made under “CMMC 2.0.”
Listen: Crowell.com | PodBean | SoundCloud | Apple
Byte-Sized Q&A: Part 3 – The CMMC Clause

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this final episode of a three-part series, host Kate Growley digests the current state of DFARS clause 252.204-7021 and what contractors should know about the Cybersecurity Maturity Model Certification (or CMMC).
Listen: …
Crowell & Moring Achieves CMMC Registered Provider Organization Status to Help Defense Contractors Prepare for Upcoming DoD Cybersecurity Assessments

More than 300,000 companies within the Defense Department’s supply chain will need to meet new Cybersecurity Maturity Model Certification (CMMC) requirements and pass a third-party assessment to ensure they are adequately protecting sensitive information on their networks. Now, Crowell & Moring has become the first AmLaw 100 firm to achieve Registered Provider Organization (RPO) status…