Submit any questions you would like answered on the podcast! The September 2025 Cyber AB Town Hall dropped big updates for contractors navigating CMMC and NIST 800-171 compliance. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down what the final CMMC rule (Title 48A) means for defense contractors, subcontractors, and service providers. We cover the timeline for implementation, prime and subcontractor flow-down requirements, service provider risks (MSPs, ...
Submit any questions you would like answered on the podcast! Worried about mishandling Controlled Unclassified Information (CUI)? In this episode of the CMMC Compliance Guide Podcast, Brooke and Stacey break down what CUI really is, why it matters in defense contracting, and the biggest mistakes contractors make when handling it. You’ll also learn the real-world risks of CUI mishandling, how assessors check compliance during a CMMC Level 2 assessment, and the low-cost, practical solutio...
Submit any questions you would like answered on the podcast! The wait is over: the Department of Defense has finalized the CMMC rule, officially making it part of DFARS. That means compliance isn’t “coming soon”, it’s now in your contracts. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down what the final rule means for DoD contractors and subcontractors, the key deadlines you need to know, and the exact steps to prepare for Level 2 ...
Submit any questions you would like answered on the podcast! Confused about where NIST 800-171 fits into your CMMC 2.0 assessment? You’re not alone. In this episode of the CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break it all down in plain English. We cover the foundation of NIST 800-171, how it maps into the CMMC levels, what assessors actually look for during an audit, and the most common mistakes contractors make. We’ll also touch on the latest updates in...
Submit any questions you would like answered on the podcast! Thinking about building an enclave for CMMC compliance? Not so fast. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down: What an enclave actually is (in plain English)When an enclave makes sense (and saves you money)When it can hurt your compliance effortsWhat assessors will really be looking for in your auditIf you’ve ever asked, “Do I need an enclave for CMMC?”, ...
Submit any questions you would like answered on the podcast! Think you’re ready for your CMMC assessment? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the difference between being “paper ready” and truly “assessment ready.” From documentation gaps to overlooked technical controls, they share insider tips to help you pass with confidence. We’ll walk you through the common blind spots that can derail an assessment, how to stress test your compliance p...
Submit any questions you would like answered on the podcast! Marking a CMMC control as “Not Applicable” might feel like an easy shortcut but get it wrong, and you could fail your assessment, lose contracts, or even face legal trouble. In this episode of The CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down the real risks of misusing N/A, share common mistakes companies make, and explain how to properly justify a not applicable control so you stay compliant and av...
Submit any questions you would like answered on the podcast! Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible: 👉 https://cmmccomplianceguide.com/free-sprs-roadmap Is CMMC just one of many hats you wear at your company? You’re not alone and you’re not out of luck. In this episode of the CMMC Compliance Guide, we break down how overworked and under-resourced compliance leads can still make meaningful progress toward CMMC and NIST 800-171. Whe...
Submit any questions you would like answered on the podcast! 48 CFR UPDATE: https://www.ecfr.gov/current/title-48/chapter-2/subchapter-A/part-204/subpart-204.75 Missed the June 2024 Cyber AB Town Hall? We’ve got you covered. In this episode of the CMMC Compliance Guide, Brooke and Austin break down the biggest takeaways — including how recent leadership changes, service provider requirements, and G-code classification are shaping the path to CMMC compliance. If you're a DoD contractor or M...
Submit any questions you would like answered on the podcast! Are you trying to navigate CMMC and NIST 800-171 with a small team and limited resources? You're not alone. In this episode of the CMMC Compliance Guide, we’re breaking down six of the most common and confusing questions small DoD contractors ask—and giving you clear, practical answers you can act on immediately. Join Brooke & Stacey from Justice IT Consulting as they unpack risks of misinterpreting controls, mobile device sco...
Submit any questions you would like answered on the podcast! Happy 4th of July from the team at CMMC Compliance Guide Podcast! While you're celebrating freedom, hot dogs, and fireworks — don’t forget about safeguarding the data that defends that freedom. 🛡️ In this special edition, we're tackling what really works for CMMC compliance on the shop floor. From coolant-soaked travelers to ancient XP machines, this is your no-nonsense guide to staying compliant in real-world CNC and aerospace manu...
Submit any questions you would like answered on the podcast! 🆓 Need help getting your SPRS score to 110? Schedule your free SPRS Roadmap Session and get a step-by-step plan to close gaps and stay defensible: 👉 https://cmmccomplianceguide.com/free-sprs-roadmap The Department of Defense just issued a critical cybersecurity memo—and it's not just for the Lockheeds and Raytheons. In this episode, we break down what small and mid-sized DoD contractors must do now to respond to rising cyber threat...
Submit any questions you would like answered on the podcast! Why is CMMC compliance so expensive—especially for small businesses? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down what really drives up the cost of CMMC and NIST 800-171 compliance, and more importantly—how you can cut costs without cutting corners. We cover: The four stages of compliance cost: paperwork, project work, ongoing maintenance, and assessmentsWhat ass...
Submit any questions you would like answered on the podcast! Is your CMMC scope setting you up for success—or failure? In this episode of the CMMC Compliance Guide, Brooke and Stacey from Justice IT Consulting break down one of the most misunderstood (and expensive) parts of your compliance journey: scoping. Learn how to define your CUI boundary the right way, avoid common over-scoping mistakes, and streamline your assessment with clear documentation strategies. Whether you're prepping for a ...
Submit any questions you would like answered on the podcast! Missed CEIC West 2025 in Las Vegas? We’ve got your insider recap. In this episode of the CMMC Compliance Guide, Austin and Brooke break down the most critical insights defense contractors need to know—from Katie Arrington’s keynote to real-world flowdown risks, mock assessment walkthroughs, and what AI means for your CUI documentation. If you’re a small or mid-sized DoD contractor trying to stay compliant with CMMC, NIST 800-171, an...
Submit any questions you would like answered on the podcast! Are you sure you're NIST 800-171 compliant? In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke break down the most overlooked NIST 800-171 requirements that continue to trip up DoD contractors—and what you can do today to avoid those costly mistakes. From data flow diagrams to documentation pitfalls, supply chain risks, and misunderstood MFA and logging requirements, this episode is packed with practical insight...
Submit any questions you would like answered on the podcast! Get the latest insider takeaways from CMMC Day 2025 straight from Washington D.C. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down the most critical updates small and midsized businesses (SMBs) in the defense supply chain need to know now. We cover: ✅ Why CMMC is NOT going away (despite what skeptics think) ✅ Critical mistakes businesses still make with SSPs, scoping, and access control ...
Submit any questions you would like answered on the podcast! Feeling overwhelmed by CMMC compliance and NIST 800-171’s 110 controls? You’re not alone — but you don’t have to be stuck. In this episode of the CMMC Compliance Guide Podcast, Brooke and Austin break down NIST 800-171 Revision 2 in plain English — no government-speak, no tech jargon — so you can finally understand what each control family means for your business. You'll learn: What NIST 800-171 really requires (and why it matters f...
Submit any questions you would like answered on the podcast! Is your SPRS score putting your DoD contracts at risk? In this episode of the CMMC Compliance Guide, we break down exactly what the SPRS score is, why it matters, and how to improve it fast—before you lose out on federal work. Whether you're stuck at -72 or hovering at 80, we’ll walk you through how to get to 110 with practical, plain-English guidance. From gap analysis to POA&Ms, system security plans, encryption, MFA, and the...
Submit any questions you would like answered on the podcast! If someone tells you CMMC compliance can't be easy… they’re not necessarily wrong — but they’re also missing the point. In this episode of the CMMC Compliance Guide Podcast, Austin and Brooke from Justice IT Consulting break down one of the biggest myths in the compliance space: that achieving CMMC compliance has to be overwhelming, time-consuming, and painfully complex. Using our E.A.S.Y. framework, we’re showing you how strategi...