CMMC Compliance Guide
Our experiences inspired the creation of The CMMC Compliance Guide Podcast and its accompanying resources. The podcast began as a way to share what we learned through real-world challenges—like helping that aerospace machine shop—and to provide accessible education for businesses navigating DoD cybersecurity requirements. The CMMC Compliance Guide Podcast breaks down complex topics like NIST 800-171 and CMMC into actionable, easy-to-understand steps. Whether you’re a subcontractor struggling to meet compliance deadlines or a business owner looking to secure your supply chain, the guide offers practical advice to help you take control of your cybersecurity journey.
Episodes
Submit any questions you would like answered on the podcast!
Many DoW contractors feel confident they’re ready for a CMMC Level 2 assessment until assessors get involved. That’s when gaps in documentation, scope, and operational maturity start to surface.
In this episode of the CMMC Compliance Guide Podcast, Brooke breaks down why implementation alone does not equal readiness. We walk through what assessors look for before technical ...
Submit any questions you would like answered on the podcast!
The DoW just released updated CMMC FAQs that clarify the rules contractors keep getting wrong. In this episode, Austin and Brooke break down what the new guidance actually says, what it means for your scope, and where vendor and architecture decisions can derail an assessment before it even starts.
We cover the most important FAQ clarifications, including:
- The real CMMC ...
Submit any questions you would like answered on the podcast!
When CMMC compliance starts to feel overwhelming, most companies don’t fail because they lack effort, they fail because they don’t know where to start.
In this episode of the CMMC Compliance Guide Podcast, Brooke and Stacey break down why CMMC feels so urgent and high-risk for small and mid-sized DoD contractors, and how to triage your compliance work so you can m...
Submit any questions you would like answered on the podcast!
Get your free SPRS Roadmap here: https://cmmccomplianceguide.com/free-sprs-roadmap
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the #1 thing that trips companies up before a CMMC Level 2 assessment: evidence.
Having a binder of policies (or a 300-page SSP) is not enough. Assessors want proof you are doing what you say you do co...
Submit any questions you would like answered on the podcast!
What do CMMC Level 2 assessors notice first, sometimes within the first day, before they ever dig into your firewall configs or deep technical testing?
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the early red flags that can derail your assessment fast. We cover what assessors ask for right out of the gate (and how quickly you need to ...
Submit any questions you would like answered on the podcast!
Most small and mid-sized manufacturers do not fail CMMC because of “tech.” They fail because their documentation does not match how the shop actually runs.
In this episode, Austin and Brooke break down how to build CMMC documentation that is concise, accurate, and assessor-friendly without drowning in templates that were never written for your business. You will learn why t...
Submit any questions you would like answered on the podcast!
CMMC is no longer just a compliance requirement. It is now a competitive advantage that directly impacts who wins and who loses DoD contracts.
In this episode of the CMMC Compliance Guide Podcast, Stacey and Brooke break down how the final 48 CFR rule has changed the contracting landscape and why primes are now aggressively pushing CMMC requirements down to their ...
Submit any questions you would like answered on the podcast!
Are assessors judging you on CMMC or NIST 800 171 when audit day arrives?
In this episode of the CMMC Compliance Guide Podcast, Stacey and Brooke break down the real relationship between CMMC 2.0 and NIST 800 171 so you are not guessing when it matters most.
We walk through how the 110 NIST 800 171 controls and 320 assessment objectives drive your CMMC le...
Submit any questions you would like answered on the podcast!
Today’s episode of the CMMC Compliance Guide Podcast dives into the biggest myths that machine shops, fabricators, CNC shops, and mid-sized defense contractors still believe about CMMC. From cloud misconceptions to vendor promises that fall short, Brooke breaks down why these misunderstandings lead to failed assessments and what contractors should be doing instead.
We walk ...
Submit any questions you would like answered on the podcast!
CMMC Level 1 Self- Assessment Guide: https://dodcio.defense.gov/Portals/0/Documents/CMMC/AG_Level1_V2.0_FinalDraft_20211210_508.pdf
In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting break down CMMC Level 1 in clear, simple terms: what it is, who it applies to, and the exact steps small and mid-sized contractors must...
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, Stacey and Austin from Justice IT Consulting walk through the top 12 essentials every contractor needs to achieve CMMC Level 2 compliance especially small and mid-sized defense manufacturers.
You’ll learn how to start compliance the right way with a formal gap assessment, define and shrink your CUI scope, and b...
Submit any questions you would like answered on the podcast!
In this episode of the CMMC Compliance Guide Podcast, Brooke and Stacey from Justice IT Consulting unpack the biggest updates from the Cyber AB’s October 2025 Town Hall and what they mean for defense contractors preparing for CMMC certification.
You’ll learn:
- Why the government shutdown isn’t delaying CMMC or the 48 CFR rollout
- The $875K False Claims Act case against Geor...
Submit any questions you would like answered on the podcast!
Get the inside scoop from CS5 East 2025, the largest cybersecurity and compliance event for the Defense Industrial Base. In this episode, Brooke and Stacey from Justice IT Consulting breaks down the biggest CMMC updates, Operation Midnight Hammer, and how AI is reshaping compliance.
Learn what the Cyber AB announced, how CMMC Phase 2 is rolling out, and what contr...
Submit any questions you would like answered on the podcast!
🎯 Get your Free SPRS Roadmap Session: https://cmmccomplianceguide.com/free-sprs-roadmap
Our experts will review your SPRS score, documentation, and setup to help you hit 110 with a clear action plan at no cost.
Prime contractors like Lockheed Martin, Raytheon, and Parker Hannifin are demanding proof of compliance before awarding new work — and subcontractors ...
Submit any questions you would like answered on the podcast!
The September 2025 Cyber AB Town Hall dropped big updates for contractors navigating CMMC and NIST 800-171 compliance.
In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down what the final CMMC rule (Title 48A) means for defense contractors, subcontractors, and service providers.
We cover the timeline for implementation, prime and subco...
Submit any questions you would like answered on the podcast!
Worried about mishandling Controlled Unclassified Information (CUI)?
In this episode of the CMMC Compliance Guide Podcast, Brooke and Stacey break down what CUI really is, why it matters in defense contracting, and the biggest mistakes contractors make when handling it.
You’ll also learn the real-world risks of CUI mishandling, how assessors check compliance during a CMMC L...
Submit any questions you would like answered on the podcast!
The wait is over: the Department of Defense has finalized the CMMC rule, officially making it part of DFARS. That means compliance isn’t “coming soon”, it’s now in your contracts.
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down what the final rule means for DoD contractors and subcontractors, the key de...
Submit any questions you would like answered on the podcast!
Confused about where NIST 800-171 fits into your CMMC 2.0 assessment? You’re not alone.
In this episode of the CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break it all down in plain English.
We cover the foundation of NIST 800-171, how it maps into the CMMC levels, what assessors actually look for during an audit, and the most com...
Submit any questions you would like answered on the podcast!
Thinking about building an enclave for CMMC compliance? Not so fast.
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down:
- What an enclave actually is (in plain English)
- When an enclave makes sense (and saves you money)
- When it can hurt your compliance efforts
- What assessors will really be looking for in your audit
Submit any questions you would like answered on the podcast!
Think you’re ready for your CMMC assessment?
In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the difference between being “paper ready” and truly “assessment ready.” From documentation gaps to overlooked technical controls, they share insider tips to help you pass with confidence.
We’ll walk you through the common blind spots that can dera...
Popular Podcasts
Two Guys (Bowen Yang and Matt Rogers). Five Rings (you know, from the Olympics logo). One essential podcast for the 2026 Milan-Cortina Winter Olympics. Bowen Yang (SNL, Wicked) and Matt Rogers (Palm Royale, No Good Deed) of Las Culturistas are back for a second season of Two Guys, Five Rings, a collaboration with NBC Sports and iHeartRadio. In this 15-episode event, Bowen and Matt discuss the top storylines, obsess over Italian culture, and find out what really goes on in the Olympic Village.
Listen to the latest news from the 2026 Winter Olympics.
The 2026 Winter Olympics in Milan Cortina are here and have everyone talking. iHeartPodcasts is buzzing with content in honor of the XXV Winter Olympics We’re bringing you episodes from a variety of iHeartPodcast shows to help you keep up with the action. Follow Milan Cortina Winter Olympics so you don’t miss any coverage of the 2026 Winter Olympics, and if you like what you hear, be sure to follow each Podcast in the feed for more great content from iHeartPodcasts.
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.