CMMC Compliance Guide
Our experiences inspired the creation of The CMMC Compliance Guide Podcast and its accompanying resources. The podcast began as a way to share what we learned through real-world challenges—like helping that aerospace machine shop—and to provide accessible education for businesses navigating DoD cybersecurity requirements. The CMMC Compliance Guide Podcast breaks down complex topics like NIST 800-171 and CMMC into actionable, easy-to-understand steps. Whether you’re a subcontractor struggling to meet compliance deadlines or a business owner looking to secure your supply chain, the guide offers practical advice to help you take control of your cybersecurity journey.
Episodes
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, we break down the most common mistakes defense contractors make when preparing for CMMC compliance and how those mistakes can cost you time, money, and even future contracts.
Even though CMMC 2.0 is now enforceable, many companies are still struggling with readiness. The issue is not effort, it is approach. Many contract...
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, we tackle one of the most misunderstood topics in CMMC compliance.
Many contractors assume that if information is not marked as controlled unclassified information, then it is not CUI. But that assumption can lead to serious compliance risks.
We break down how manufacturers and machine shops can actually create CUI while ...
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, we break down one of the biggest misconceptions in CMMC compliance.
Most contractors think CMMC is just a cybersecurity upgrade. Install a few tools, write some policies, and you are ready for an assessment. But that is not how CMMC actually works.
The real challenge is the operational workload behind compliance.
We walk t...
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, we break down one of the most overlooked risks in CMMC compliance. What actually happens when your environment changes after an assessment?
Many contractors assume that once they pass a CMMC assessment or complete a self assessment, they are set for the next year or even three years. But recent guidance from the Cyber AB...
Submit any questions you would like answered on the podcast!
What are prime contractors actually expecting from suppliers when it comes to CMMC and cybersecurity?
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke sit down with Bo Birdwell from Elbit Systems of America to get the prime contractor perspective on what suppliers need to understand right now. They break down how primes are thinking about CMMC, what t...
Submit any questions you would like answered on the podcast!
What do small machine shops, aerospace suppliers, and defense manufacturers really need to know about CMMC right now?
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke answer some of the most common supplier questions they hear from companies trying to prepare for CMMC compliance. They break down how small suppliers can plan when contract requirements ...
Submit any questions you would like answered on the podcast!
lot of contractors assume CMMC Level 1 is just a simple checkbox. It is not.
In this episode, Austin and Brooke break down what CMMC Level 1 actually requires, what a self-assessment really looks like, and why self-attestation without documentation can create serious risk.
They cover the difference between Level 1 and Level 2, what Federal Contract Information (FCI) actuall...
Submit any questions you would like answered on the podcast!
Scope is the foundation of your CMMC compliance program and getting it wrong is one of the most expensive mistakes a DoD contractor can make.
In this episode, Austin and Brooke break down what “scope” actually means in plain English, why contractors skip scoping early on, and how one small miss, like a downloads folder or a USB handoff, can quietly pull major systems into s...
Submit any questions you would like answered on the podcast!
The January 2026 CMMC Town Hall brought several important clarifications and program updates that directly impact Department of War (DoD) contractors.
In this episode of the CMMC Compliance Guide Podcast, we break down what changed, what was clarified, and what contractors should take away from the latest guidance.
We cover:
- New DOW CIO leadership changes and what they me...
Submit any questions you would like answered on the podcast!
Many DoW contractors feel confident they’re ready for a CMMC Level 2 assessment until assessors get involved. That’s when gaps in documentation, scope, and operational maturity start to surface.
In this episode of the CMMC Compliance Guide Podcast, Brooke breaks down why implementation alone does not equal readiness. We walk through what assessors look for before technical ...
Submit any questions you would like answered on the podcast!
The DoW just released updated CMMC FAQs that clarify the rules contractors keep getting wrong. In this episode, Austin and Brooke break down what the new guidance actually says, what it means for your scope, and where vendor and architecture decisions can derail an assessment before it even starts.
We cover the most important FAQ clarifications, including:
- The real CMMC ...
Submit any questions you would like answered on the podcast!
When CMMC compliance starts to feel overwhelming, most companies don’t fail because they lack effort, they fail because they don’t know where to start.
In this episode of the CMMC Compliance Guide Podcast, Brooke and Stacey break down why CMMC feels so urgent and high-risk for small and mid-sized DoD contractors, and how to triage your compliance work so you can m...
Submit any questions you would like answered on the podcast!
Get your free SPRS Roadmap here: https://cmmccomplianceguide.com/free-sprs-roadmap
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the #1 thing that trips companies up before a CMMC Level 2 assessment: evidence.
Having a binder of policies (or a 300-page SSP) is not enough. Assessors want proof you are doing what you say you do co...
Submit any questions you would like answered on the podcast!
What do CMMC Level 2 assessors notice first, sometimes within the first day, before they ever dig into your firewall configs or deep technical testing?
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the early red flags that can derail your assessment fast. We cover what assessors ask for right out of the gate (and how quickly you need to ...
Submit any questions you would like answered on the podcast!
Most small and mid-sized manufacturers do not fail CMMC because of “tech.” They fail because their documentation does not match how the shop actually runs.
In this episode, Austin and Brooke break down how to build CMMC documentation that is concise, accurate, and assessor-friendly without drowning in templates that were never written for your business. You will learn why t...
Submit any questions you would like answered on the podcast!
CMMC is no longer just a compliance requirement. It is now a competitive advantage that directly impacts who wins and who loses DoD contracts.
In this episode of the CMMC Compliance Guide Podcast, Stacey and Brooke break down how the final 48 CFR rule has changed the contracting landscape and why primes are now aggressively pushing CMMC requirements down to their ...
Submit any questions you would like answered on the podcast!
Are assessors judging you on CMMC or NIST 800 171 when audit day arrives?
In this episode of the CMMC Compliance Guide Podcast, Stacey and Brooke break down the real relationship between CMMC 2.0 and NIST 800 171 so you are not guessing when it matters most.
We walk through how the 110 NIST 800 171 controls and 320 assessment objectives drive your CMMC le...
Submit any questions you would like answered on the podcast!
Today’s episode of the CMMC Compliance Guide Podcast dives into the biggest myths that machine shops, fabricators, CNC shops, and mid-sized defense contractors still believe about CMMC. From cloud misconceptions to vendor promises that fall short, Brooke breaks down why these misunderstandings lead to failed assessments and what contractors should be doing instead.
We walk ...
Submit any questions you would like answered on the podcast!
CMMC Level 1 Self- Assessment Guide: https://dodcio.defense.gov/Portals/0/Documents/CMMC/AG_Level1_V2.0_FinalDraft_20211210_508.pdf
In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting break down CMMC Level 1 in clear, simple terms: what it is, who it applies to, and the exact steps small and mid-sized contractors must...
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting walk through the top 12 essentials every contractor needs to achieve CMMC Level 2 compliance especially small and mid-sized defense manufacturers.
You’ll learn how to start compliance the right way with a formal gap assessment, define and shrink your CUI scope, and b...
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by Audiochuck Media Company.
Listen to 'The Bobby Bones Show' by downloading the daily full replay.
The Clay Travis and Buck Sexton Show. Clay Travis and Buck Sexton tackle the biggest stories in news, politics and current events with intelligence and humor. From the border crisis, to the madness of cancel culture and far-left missteps, Clay and Buck guide listeners through the latest headlines and hot topics with fun and entertaining conversations and opinions.