))
Audit of the DoD’s Process for Authorizing Third Party Organizations to Perform Cybersecurity Maturity Model Certification 2.0 Assessments (Report No. DODIG-2025-056)
Manage episode 461139317 series 3578015
Contenido proporcionado por Wilson Bautista Jr.. Todo el contenido del podcast, incluidos episodios, gráficos y descripciones de podcast, lo carga y proporciona directamente Wilson Bautista Jr. o su socio de plataforma de podcast. Si cree que alguien está utilizando su trabajo protegido por derechos de autor sin su permiso, puede seguir el proceso descrito aquí https://es.player.fm/legal.
A Department of Defense Inspector General audit (DODIG-2025-056) revealed that the Department of Defense (DoD) inadequately implemented its process for authorizing third-party organizations to conduct Cybersecurity Maturity Model Certification (CMMC) 2.0 assessments. The audit found that the DoD failed to ensure all required steps were completed before authorizing these organizations, increasing the risk of awarding contracts to companies lacking sufficient cybersecurity controls. Two hotline allegations were substantiated. Ten recommendations were issued to improve the authorization process, focusing on implementing quality assurance measures to guarantee compliance. The DoD OIG will continue monitoring the DoD's implementation of these recommendations.
Ref: https://www.dodig.mil/In-the-Spotlight/Article/4028197/press-release-audit-of-the-dods-process-for-authorizing-third-party-organizatio/
12 episodios
Compartir
