{"id":23411,"date":"2021-01-02T14:16:17","date_gmt":"2021-01-02T19:16:17","guid":{"rendered":"https:\/\/www.oxebridge.com\/emma\/?p=23411"},"modified":"2021-02-10T13:58:13","modified_gmt":"2021-02-10T18:58:13","slug":"oxebridge-providing-iso-17020-implementation-for-cmmc-c3paos","status":"publish","type":"post","link":"https:\/\/www.oxebridge.com\/emma\/oxebridge-providing-iso-17020-implementation-for-cmmc-c3paos\/","title":{"rendered":"Oxebridge Providing ISO 17020 Implementation for CMMC C3PAOs"},"content":{"rendered":"<p>Oxebridge has announced it will offer <a href=\"https:\/\/www.oxebridge.com\/emma\/iso-17020-requirements-for-inspection-bodies\/\"><strong>ISO 17020 accreditation preparation<\/strong><\/a> for third party assessment organizations (&#8220;C3PAOs&#8221;) within the Cybersecurity Maturity Model Certification (CMMC) scheme.<\/p>\n<p>Per a US Dept. of Defense mandate, all CMMC C3PAOs must not only be approved by the CMMC Accreditation Board, but also must obtain independent accreditation to ISO 17020, the standard for inspection bodies. Oxebridge provides consulting and implementation on this standard, and can get most C3PAOs ready for audit by an independent accreditation body in about 3 months.<\/p>\n<p>One wrinkle is the fact that the CMMC-AB has yet to publish official procedures or requirements for C3PAOs, which has prompted some certification bodies to temporarily obtain ISO 17020 accreditation for inspection of systems based on NIST 800-171, instead of CMMC. The CMMC-AB has not given any indication when they might issue formal rules for C3PAOs, and to date there is little evidence to suggest they are working on those rules.<\/p>\n<p>Oxebridge has emerged as an independent oversight body in the CMMC scheme, and is working to ensure both the CMMC-AB and C3PAOs operate in accordance with official rules and expected ethical requirements. Relative to work performed directly for C3PAOs, this will include robust identification of risks and conflicts of interest, and proven methods to mitigate those issues.<\/p>\n<p>To request a quote for ISO 17020 implementation, click <a href=\"https:\/\/www.oxebridge.com\/emma\/request-a-quote\/\"><strong>here<\/strong><\/a>.<\/p>\n<p>To help potential C3PAOs understand their obligations, Oxebridge has released the following Explainer video:<\/p>\n\n<div data-fullscreen=\"disabled\" data-grow data-mode=\"lazyload\" data-oembed=\"1\" data-provider=\"youtube\" data-reset-after-played id=\"arve-youtube-qigwepwwrmu\" style=\"max-width:1080px;\" class=\"arve arve-hover-effect-darken\">\n\t<div class=\"arve-inner\">\n\t\t<div style=\"aspect-ratio:135\/76\" class=\"arve-embed arve-embed--has-aspect-ratio\">\n\t\t\t<div class=\"arve-ar\" style=\"padding-top:56.296296%\"><\/div>\n\t\t\t<noscript class=\"arve-noscript\"><iframe allow=\"accelerometer &apos;none&apos;;autoplay;bluetooth &apos;none&apos;;browsing-topics &apos;none&apos;;camera &apos;none&apos;;clipboard-read &apos;none&apos;;clipboard-write;display-capture &apos;none&apos;;encrypted-media &apos;none&apos;;gamepad &apos;none&apos;;geolocation &apos;none&apos;;gyroscope &apos;none&apos;;hid &apos;none&apos;;identity-credentials-get &apos;none&apos;;idle-detection &apos;none&apos;;keyboard-map &apos;none&apos;;local-fonts;magnetometer &apos;none&apos;;microphone &apos;none&apos;;midi &apos;none&apos;;otp-credentials &apos;none&apos;;payment &apos;none&apos;;picture-in-picture;publickey-credentials-create &apos;none&apos;;publickey-credentials-get &apos;none&apos;;screen-wake-lock &apos;none&apos;;serial &apos;none&apos;;summarizer &apos;none&apos;;sync-xhr;usb &apos;none&apos;;web-share;window-management &apos;none&apos;;xr-spatial-tracking &apos;none&apos;;\" allowfullscreen=\"\" class=\"arve-iframe fitvidsignore\" credentialless data-arve=\"arve-youtube-qigwepwwrmu\" data-lenis-prevent=\"\" data-src-no-ap=\"https:\/\/www.youtube.com\/embed\/QigwePWWRmU?feature=oembed&amp;iv_load_policy=3&amp;modestbranding=1&amp;rel=0&amp;autohide=1&amp;playsinline=0&amp;autoplay=0&amp;enablejsapi=1\" frameborder=\"0\" height=\"608\" loading=\"eager\" name=\"\" referrerpolicy=\"strict-origin-when-cross-origin\" sandbox=\"allow-scripts allow-same-origin allow-presentation allow-popups allow-popups-to-escape-sandbox\" scrolling=\"no\" src=\"https:\/\/www.youtube.com\/embed\/QigwePWWRmU?feature=oembed&#038;iv_load_policy=3&#038;modestbranding=1&#038;rel=0&#038;autohide=1&#038;playsinline=0&#038;autoplay=1&#038;enablejsapi=1\" title=\"ISO 17020 for CMMC C3PAOs\" width=\"1080\"><\/iframe><\/noscript>\n\t\t\t<img decoding=\"async\" alt=\"ISO 17020 for CMMC C3PAOs\" class=\"arve-thumbnail\" height=\"360\" loading=\"lazy\" sizes=\"auto\" src=\"https:\/\/i.ytimg.com\/vi\/QigwePWWRmU\/hqdefault.jpg\" srcset=\"https:\/\/i.ytimg.com\/vi_webp\/QigwePWWRmU\/hqdefault.webp 480w, https:\/\/i.ytimg.com\/vi_webp\/QigwePWWRmU\/sddefault.webp 640w, https:\/\/i.ytimg.com\/vi_webp\/QigwePWWRmU\/maxresdefault.webp 1280w\" width=\"480\">\n\t\t\t<button aria-label=\"Play video: ISO 17020 for CMMC C3PAOs\" class=\"arve-play-btn arve-play-btn--youtube\" data-target=\"#arve-youtube-qigwepwwrmu\" role=\"button\" type=\"button\"><svg class=\"arve-play-svg arve-play-svg--youtube\" focusable=\"false\" aria-hidden=\"true\" width=\"68\" viewBox=\"0 0 68 48\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path fill=\"#1f1f1e\" fill-opacity=\"0.81\" d=\"m .66,37.62 c 0,0 .66,4.70 2.70,6.77 2.58,2.71 5.98,2.63 7.49,2.91 5.43,.52 23.10,.68 23.12,.68 .00,-1.3e-5 14.29,-0.02 23.81,-0.71 1.32,-0.15 4.22,-0.17 6.81,-2.89 2.03,-2.07 2.70,-6.77 2.70,-6.77 0,0 .67,-5.52 .67,-11.04 l 0,-5.17 c 0,-5.52 -0.67,-11.04 -0.67,-11.04 0,0 -0.66,-4.70 -2.70,-6.77 C 62.03,.86 59.13,.84 57.80,.69 48.28,0 34.00,0 34.00,0 33.97,0 19.69,0 10.18,.69 8.85,.84 5.95,.86 3.36,3.58 1.32,5.65 .66,10.35 .66,10.35 c 0,0 -0.55,4.50 -0.66,9.45 l 0,8.36 c .10,4.94 .66,9.45 .66,9.45 z\"><\/path><path fill=\"#fff\" d=\"m 26.96,13.67 18.37,9.62 -18.37,9.55 -0.00,-19.17 z\" ><\/path><path fill=\"#ccc\" d=\"M 45.02,23.46 45.32,23.28 26.96,13.67 43.32,24.34 45.02,23.46 z\" ><\/path><\/svg><\/button>\n\t\t\t\n\t\t<\/div>\n\t\t\n\t<\/div>\n\t\n\t\n\t<script type=\"application\/ld+json\">{\"@context\":\"http:\\\/\\\/schema.org\\\/\",\"@id\":\"https:\\\/\\\/www.oxebridge.com\\\/emma\\\/oxebridge-providing-iso-17020-implementation-for-cmmc-c3paos\\\/#arve-youtube-qigwepwwrmu\",\"@type\":\"VideoObject\",\"author\":{\"@type\":\"Organization\",\"name\":\"Christopher Paris\"},\"embedURL\":\"https:\\\/\\\/www.youtube.com\\\/embed\\\/QigwePWWRmU?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&autoplay=1&enablejsapi=1\",\"name\":\"ISO 17020 for CMMC C3PAOs\",\"thumbnailUrl\":\"https:\\\/\\\/i.ytimg.com\\\/vi\\\/QigwePWWRmU\\\/hqdefault.jpg\",\"uploadDate\":\"2020-12-28T18:45:26Z\",\"description\":\"A brief primer on the requirements of ISO 17020 for CMMC Third Party Assessment Organizations.\"}<\/script>\n\t\n<\/div>","protected":false},"excerpt":{"rendered":"<p>CMMC Third Party Assessment Organizations will have to obtain ISO 17020 accreditation in order to meet a DOD demand.<\/p>","protected":false},"author":644,"featured_media":23414,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","mc4wp_mailchimp_campaign":[],"footnotes":""},"categories":[7774,3,96],"tags":[7741,7679,938,7683,176,106],"class_list":["post-23411","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cmmc","category-news","category-services","tag-c3pao","tag-cmmc","tag-cybersecurity","tag-cybersecurity-maturity-model-certification","tag-dod","tag-iso-17020","et-has-post-format-content","et_post_format-et-post-format-standard"],"_links":{"self":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/23411","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/users\/644"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/comments?post=23411"}],"version-history":[{"count":1,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/23411\/revisions"}],"predecessor-version":[{"id":23413,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/posts\/23411\/revisions\/23413"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media\/23414"}],"wp:attachment":[{"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/media?parent=23411"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/categories?post=23411"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oxebridge.com\/emma\/wp-json\/wp\/v2\/tags?post=23411"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}