Challenges in Adopting CMMC Standards

Many small business owners have expressed concerns about the challenges in adopting CMMC standards. While the Department of Defense (DoD) has been stressing the necessity for contractors to reach various levels of Cybersecurity Maturity Model Certification (CMMC) for years now, many businesses are at a loss as to how to implement an effective program despite … Read more

Export Compliance Program Management ISO 37301

Export Compliance Program Management Effective export compliance program management poses challenges for organizations of all sizes and sectors.  U.S. export regulations such as the Export Administration Regulations (EAR) and the International Traffic in Arms Regulations (ITAR) are complex and under constant revision.  Compliance is further complicated for organizations that have multinational operations and must therefore … Read more

Service Industry Quality Management ISO 9001-1:2015

Why Have a Quality Management System for Service Industry Businesses? At first glance a Quality Management System (QMS) might appear inappropriate for service industry businesses. There would appear to be a lack of metrics to serve as inputs, as a large portion of the product is not physical. Customer satisfaction, however, is a very tangible … Read more

Messaging App Security and Information Privacy

Many users take messaging app security for granted when sending text messages, voice messages, photos, and videos.  However, not all apps secure messaging data equally.  This is a concern for both organizations and individuals who wish to ensure the confidentiality, integrity, and authenticity of information transferred between authorized users. Elements of Messaging Security Messaging app … Read more

Cybersecurity Maturity Model Certification (CMMC)

What is Cybersecurity Maturity Model Certification? The Office of the Under Secretary of Defense for Acquisition & Sustainment has released the Cybersecurity Maturity Model Certification program.  The program will be made effective in new programs released by the Department of Defense (DoD) and will be a requirement for product and service providers.  This program has … Read more

Cybersecurity Threats Trending Methods for 2021

Cybersecurity Threats by Industry Sector Cybersecurity threats remain a significant concern for organizations in every sector. IBM’s 17th Cost of a Data Breach Report provided insights into the nature of the threat environment in 2021. This report provides an assessment of risks and strategies for protecting data and responses to data breaches. Among its … Read more

Quality Management Systems (QMS) Consultants

What is a Quality Management System? A Quality Management System (QMS) is an assemblage of processes, procedures, and policies for achieving customer requirements and customer satisfaction. These systems, when appropriately applied, can provide an enterprise with increased operational consistency and profitability. Although originally created for manufacturing endeavors, QMS are also applicable for service industries. There … Read more

Quality Management System Documentation Creation

ISO 9001:2015 Quality Management System Requirements Proper documentation is the cornerstone of ISO 9001:2015. Creating a system of documentation that is appropriate to your company’s requirements is crucial. This is because the documentation defines the manner in which it will conduct business. Paying attention to the design of your Quality Management System (QMS) at … Read more

Corrective Actions – Make them Work For You

Corrective Actions Provide Opportunities for Improvement Corrective Actions are excellent opportunities for process improvement and increasing profitability. It is necessary, however, to implement a process to control these corrective actions. This is often perceived by some as being a cumbersome, unnecessarily complicated, and time-consuming process. However, a properly constructed Quality Management System can ensure … Read more

Spyware a Growing Concern for Businesses

According to a number of leaders in cybersecurity, spyware is becoming an issue of growing concern for businesses.  Malwarebytes, in its 2021 report, Malwarebytes 2021 State of Malware Report, observed that business spyware detections increased 51% in 2020.  These spyware infections can be found on both computers and mobile devices. What is Spyware? Spyware is … Read more

ISO 9001 Business Management Beyond Quality

ISO 9001 provides tools for business management beyond the scope of product quality.  Incorporating these tools can help an organization effectively and consistently manage specific issues and requirements strategically.  Furthermore, because ISO 9001:2015 requires involvement from top management and relevant stakeholders, it ensures that these issues will be addressed comprehensively.  Context of the Organization “Context … Read more

Supermicro Hardware Hack on Server Motherboards

Bloomberg reported on February 12, 2021 that a Supermicro hardware hack had been conducted on server motherboards by a Chinese espionage program.  This report follows previous reports by the news agency in 2018 and illustrates the susceptibility of technology manufacturers to supply chain attacks.  The hack involved embedding a small integrated circuit into the trace … Read more

Effective Quality Management Documentation

Creating Effective Quality Management Documentation Effective Quality Management Documentation is the backbone of an ISO 9001:2015 quality program. The documentation created therefore should be clear, concise, and targeted for its intended audience. Documents serve to explain and instruct all stakeholders on policies, procedures, and work instructions. They also provide the basis for evaluation for continuous … Read more

Effective Quality Management Systems Implementation

Creating Effective Quality Management Systems. Effective Quality Management Systems (QMS) are the products of proper implementation. For ISO 9001:2015, that implementation is dependent on a detailed assessment of what processes are required by the context of the organization. That assessment can also provide guidance for requirements of the management team that needs to be … Read more

CMMC Certification – We Can Help!

As a Cybersecurity and NIST Consultant, we are prepared to help Department of Defense (DoD) companies and contractors to develop their Cybersecurity Maturity Model Certification (CMMC) programs. The development of CMMC has been a concern for companies in the Defense Industrial Base (DIB) and many have voiced concerns that the CMMC was creating barriers to … Read more

Information Security Management System

What is an Information Security Management System (ISMS)? An Information Security Management System is a collection of policies, procedures, and controls that systematically address information security in an organization. It is a framework based on risk assessment and risk management. The most widely recognized and instituted ISMS in the business environment is ISO 27001. It … Read more