US Court Rules CMMI Can Be Used for “Cyber Risk Management,” Raising Questions About CMMC
The ruling in Systems Implementers v. USA raises questions as to why the competing CMMC scheme is needed if CMMI is sufficient.
The ruling in Systems Implementers v. USA raises questions as to why the competing CMMC scheme is needed if CMMI is sufficient.
The first company certified to CMMC under the voluntary assessment program received consulting from a former Board member of the CyberAB.
Arrington’s publication on the cost of CMMC certification included an entire page taken from a prior Summit7 article, used without attribution.
The evidence raises questions, however, on how Arrington could have ranked higher than other candidates.
The discovery raises concerns over conflicts of interest during CMMC certification assessments.
A draft of the official CMMC assessment rules has been released, and it’s controversial.
The CMMC-ABs new website leans into conflicts of interest and blatantly false claims regarding accreditation.
The former architect of the doomed CMMC 1.0 cybersecurity program has resigned.
DODIG claimed they were unauthorized to release documentation, despite Oxebridge never having asked them to.
The Pentagon has scuttled the CISO position previously held by Arrington, and taken away control of CMMC from her cronies at OUSD A&S.
Arrington’s suspension remains in effect, while she is prohibited from re-filing a lawsuit in the matter.
The move suggests Federal prosecutors are preparing to move against senior officials at Cask.