In this session of the Ankura CMMC series we will focus on the CMMC audit with a provisional AB-trained assessor. The panel will address what to expect during an audit, how an organization can protect its assets while providing artifacts and sensitive data, and whether the assessor can remove information from your organization. We will also address the recourse or appeal process that an organization has available to it, if it disagrees with its audit results, as well as the lifecycle of the audit and results.
Senior Director, Ankura
Partner, Akin Gump
Business Unit Director, NQA Global
Timothy J. Woodcome is the Business Unit Director at NQA, a leading global third-party certification body and pending CMMC C3PAO, Tim directly oversees NQA’s ISO, NIST and CMMC assessment programs. While CMMC is a very new and rapidly evolving development, Tim and the NQA team have been participating in the industry groups developing CMMC since mid-2019 and stand ready to be one of the forthcoming CMMC C3PAOs. Tim has worked in the third-party assessment field for over 25 years, with hands-on experience in internationally-recognized standards including Information Security (ISO 27001), Privacy (ISO 27701), IT Service Management (ISO 20000-1), Business Continuity (ISO 22301), and related disciplines (now including NIST 800-171 and CMMC) throughout that period. As a certified management systems lead assessor, Tim has led and participated in hundreds of third party audits for organizations in the ICT, finance, manufacturing and service industries within both the public and private sectors. Tim also serves on various industry working groups charged with the development and oversight of assessment standards and oversight of third-party certification processes.
Senior Managing Director, Ankura