How to Get CMMC Certified

Todd Connor

For organizations seeking clarification on the Cybersecurity Maturity Model Certification (CMMC) process, we walk through the 7 steps that can take you end-to-end.

From establishing your scope to remediating gaps, this detailed whitepaper will help demystify a complicated and evolving compliance process for those seeking to do business with the Department of Defense.

About the Author

Todd Connor is a Senior Associate with Schellman based in Jacksonville, FL. Prior to joining Schellman in 2022, Todd worked as a technology manager for a maritime shipping company responsible for architecting and developing their NIST / CMMC compliance program. Todd has over twenty years of information technology leadership experience across various industries including transportation & logistics, pharmacy benefits management, retail pharmacy and big-box retail, during which time, he has been responsible for responding to NIST 800-171, HIPAA, PCI, ISO and Sarbanes Oxley audits. Todd is now focused primarily on Schellman’s FedRAMP practice, specializing in CMMC compliance for organizations across various industries.
More Content by Todd Connor

The FedRAMP Assessment Process: What Do You Need to Provide?

Considering FedRAMP but not sure what it'll take to achieve? We break down 3 aspects of what you'll need to...

Next Video

How Schellman Can Help With Your FedRAMP ATO

Stay up to date and discover new insights into compliance through our team’s thought leadership

How to Get CMMC Certified

About the Author

Previous Article

Next Video

How to Get CMMC Certified

About the Author

Previous Article

Next Video

Other content in this Stream

Considering a FedRAMP Moderate Assessment? We break down what to expect from the process, the elements that will be evaluated, and specific areas to take care of so you can streamline your experience.

Wondering how long the FedRAMP process takes? We explore the different phases of the program with rough timetables so that you can set more accurate expectations for your organization.

FedRAMP may be complicated, but DoD cloud computing security requirements are even more stringent. We break them down for you so that your entire journey to becoming compliant is that much simpler.

Considering FedRAMP but not sure what it'll take to achieve? We break down 3 aspects of what you'll need to provide during the process so that you can assess if you're ready & prepare to move forward.

Having trouble scanning RDS? Here are 5 easy steps to help you set up your Nessus scanner correctly so that you can complete successful scans to meet FedRAMP requirements.

NIST SP 800-171 has recently been gaining traction given its relevance to the upcoming launch of CMMC. Learn how this publication fits in with federal frameworks and the requirements it lays out.

Schellman is one of many 3PAOs capable of helping organizations achieve FedRAMP ATO. As you search for the right firm for you, here are 3 things you need to know about us & our FedRAMP capabilities.

Trying to get started with FedRAMP? To help you avoid confusion, we break down what kind of firm you need and when so that your cloud service offering gets compliant sooner.

Want to become FedRAMP Ready on the Marketplace but not sure what it takes? Learn about the minimal requirements your CSO will need to meet ahead of the Ready Assessment.

Before you engage a FedRAMP 3PAO like Schellman to assess you, you'll need the services of a consultant. Read how these advisors can help you & what to ask them to ensure you get the best one for you.

Want to get through the complexities of FedRAMP more easily? Read about 5 common pitfalls that sometimes trip up organizations during this process so that you can better avoid becoming one of them.