The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) is working to secure Controlled Unclassified Information by requiring vendors serving the Defense Department to be certified at one of five levels. The Cyber Maturity Model Certification may have broader ramifications as it may become a standard for all third-party vendor relationships.
This presentation will discuss this certification, the frameworks used in designing it, the levels of certification in detail, and some of the tools that can be used to assess your organization's overall cyber maturity level, including the CMMI’s Cyber Maturity Tool.
We will also examine the Microsoft Azure Blueprint for NIST SP 800-171 compliance to understand control ownership under IaaS and PaaS for cloud-based applications.
Ted Dziekanowski, CISA, CISM, CRISC and Certified ISACA Instructor
eGRC Specialist, RMF Instructor, ISACA Authorized CISA, CISM and CRISC Instructor, Authorized ISC2 CISSP, CAP and CCSP Instructor, Authorized PECB ISO 27001 and 27005 Instructor
Ted Dziekanowski has taught the NIST Risk Management Framework around the world to the United States Military, portions of the Intelligence Committee, several government agencies and major suppliers of services to the United States government. Having experience as both an Auditor and System Integrator, Ted has unique insight into the challenges associated with developing an eGRC program that satisfies the compliance requirements faced by organizations of all types and sizes.
Ted also travels globally teaching Cloud Security, CISSP, CAP, CISA, CISM and CRISC certification courses for several training providers. His passions include Risk, IT Governance and Golf. Ted lives in Aiken, SC.