Skip to main content
 This program is not active.
Live Webcast Replay

ACPEN Signature: 2022 Living With the New CMMC (Cybersecurity Maturity Model Certification)

Total Credits: 4 including 4 Accounting - Technical

Average Rating:
ACPEN Signature |  Accounting and Auditing
Vijay D’Souza, CISSP, CEH |  Tommy Baril |  Harrison Lee |  Regan Edens |  Tom Wollard
Course Levels:
4 Hours



Note: This course is part of an 8 Hour course titled, ACPEN Signature: A CPA’s Guide to Living With the New CMMC (Cybersecurity Maturity Model Certification) and Crypto Currency

Cyber threats have impacted every aspect of our corporate and personal lives in the past few years. These threats can cause loss of sensitive information, disruption of operations, and significant—sometimes catastrophic—financial impacts. IBM reported in 2021 that the average cost of each data breach for an organization was over $4 million. In addition to financial gain, malicious cyber actors also seek access to sensitive information to provide to our competitors and our nation’s adversaries. The SolarWinds breach highlighted vulnerabilities in vendor processes that can be used to enter sensitive networks and exfiltrate information.
To better address these cyber risks, the Department of Defense (DOD) is establishing the Cybersecurity Maturity Model Certification (CMMC). This certification will be required for most DOD vendors as well as their subcontractors. CMMC is also being cited as a model for use by other federal agencies and the private sector to better secure their vendors and supply chains against cyber risks.

Our presenters will provide perspectives on issues and challenges related to the CMMC process and provide tools and resources to help you understand how to plan for and respond to CMMC requirements. This information will enable you to improve the cybersecurity of your own organization as well as the cybersecurity of your vendors, customers, and clients.

Basic Course Information

Learning Objectives
  • Understand the current and planned requirements for CMMC, the relationship between CMMC and other compliance requirements, and the three certification levels
  • Learn how to implement CMMC and understand third-party assessment
  • Have knowledge of the types of entities that may be subject to CMMC requirements and the resources available to assist in meeting those requirements
  • Understand steps that your organization (or your clients) can take now or may in the future be required to take to address CMMC
  • Create awareness of potential expansion of the CMMC requirements

Major Subjects
  • The current and planned requirements for CMMC
  • The relationship between CMMC and other compliance requirements
  • The two components of CMMC: implementation and third-party assessment
  • Types of entities that may be subject to CMMC requirements and the types of organizations available to assist in meeting those requirements
  • Steps that your organization (or your clients) can take now or may in the future be required to take to address CMMC
  • Potential expansion of CMMC-type requirements beyond the defense industrial base

Course Materials


Vijay D’Souza, CISSP, CEH's Profile

Vijay D’Souza, CISSP, CEH Related Seminars and Products

Vijay A. D’Souza, CISSP, CEH, is a partner with Cotton & Company specializing in cybersecurity assurance and advisory efforts. He is leading Cotton’s efforts related to the Cybersecurity Maturity Model Certification.  Prior to joining the firm in 2021, Mr. D’Souza spent 20 years with the U.S. Government Accountability Office (GAO), where he led a diverse set of audits and reviews of government cybersecurity and information technology issues. His recent work included efforts related to ransomware, DOD cybersecurity, the SolarWinds breach, use of the National Institute of Standards and Technology Cybersecurity Framework, and IT modernization efforts at the U.S. Department of Agriculture (USDA). He has testified before Congress several times and appeared in national and local media as an expert in cybersecurity issues.

Mr. D’Souza also led GAO’s Center for Enhanced Cybersecurity, which provides advanced technical support for GAO’s cybersecurity audits. He previously led GAO’s data analytics activities, as well as served as a Director in GAO’s Health Care Team.
Mr. D’Souza has an MBA from the University of California Berkeley and a BS in Engineering from the University of Maryland College Park.

Tommy Baril Related Seminars and Products

Assistant Director- Defense Capabilities and Management

Government Accountability Office

Tommy is an Assistant Director with the U.S. Government Accountability Office (GAO)’s Defense Capabilities and Management team.  In this capacity, he oversees multiple GAO teams that conduct non-partisan, fact-based, and objective assessments of national security matters. 

He currently focuses on Strategic Warfare and Intelligence topics – including military cyberspace operations against adversaries, cybersecurity, continuity of operations, insider threats, information operations, and electromagnetic spectrum operations. Tommy has also overseen bodies of work assessing NORAD’s operations to protect the United States, DOD’s response to national disasters within the United States, and the protection of U.S. forces stationed overseas.  

Since joining GAO, Tommy has briefed members of Congress, meets regularly with Congressional staffers, and engages with DOD leaders and officials. As a result of his teams’ assessments, Congress has written numerous provisions into law and DOD and other agencies have taken action to improve management and operational matters. 

Closer to home, Tommy serves on several boards for the City of Allen, a Scout leader, citizen emergency response teams, and Texas A&M University Association of Former Students leadership board.
Tommy graduated from Texas A&M University and lives in Allen, Texas, with his wife and children.

Harrison Lee's Profile

Harrison Lee Related Seminars and Products

Harrison Lee joined Cotton & Company in January 2009 as an Information Assurance (IA) staff auditor and was elected a partner with the firm’s Advisory group in January 2020. He has experience in managing Federal Information Security Modernization Act (FISMA) audits and reviews, financial statement audits, performance audits, and IT consulting engagements for multiple federal clients. Mr. Lee holds a Bachelor of Science in Business Information Technology from Virginia Tech, and is also a Certified Information Systems Auditor, Certified Information Systems Manager, Certified Information Systems Security Professional, and Project Management Professional. In 2018, Mr. Lee led FISMA support work for the United States Agency for International Development, where his team assisted the Chief Information Officer in becoming one of only five Chief Financial Officers Act agencies to achieve an Office of Inspector General FISMA rating of “Managed and Measurable,” which equates to an overall effective security program. He is also an active member of the Information Systems Audit and Control Association and the International Information System Security Certification Consortium.

Regan Edens's Profile

Regan Edens Related Seminars and Products

Chief Transformation & Compliance Officer and Co-Founder

DTC Global

Regan Edens serves as the Chief Transformation & Compliance Officer and Co-Founder of DTC Global. DTC Global provides digital transformation and compliance for large defense contractor supply chain ecosystems, which includes small and mid-size businesses and their tier suppliers. Mr. Edens is a subject matter expert regarding technology, security, and transformation challenges on the “path to compliance” for Controlled Unclassified Information and DFARS 7012, NIST, and CMMC requirements including Export Controlled information (ITAR/EAR). DTC Global is a premier boutique advisory firm.

Mr. Edens served as a founding Director for the CMMC Accreditation Body (CMMC-AB), Chairman of the Standards Management Committee and Vice-Chairman of the Training Committee. The CMMC-AB organization was chartered by DoD and launched in January of 2020 to lead and manage the complex process of establishing the certification ecosystem impacted by DFARS/CMMC requirements.
Mr. Edens represented the CMMC-AB in the Federal CUI Stakeholder’s Working Group, and led the CMMC Industry Working Group which contributed over 17,000 volunteer hours to the CMMC-AB resulting in the award of 20 Gold and 1 Lifetime Presidential Volunteer Service medals.  The purpose of Standards Management Committee was to provide clarity, consistency, and communication to the Defense Supply Chain regarding CMMC standards and DFARS requirements. He was one of four acting CMMC Certified Master Instructors for the Accreditation Body in training their Provisional Assessors.
Mr. Edens currently serves as a founding member of the CMMC Standards Council (CSC) which is an industry cooperative formed to develop a safe harbor to address risk by providing trustworthy resources and experience to help Organizations Seeking Certification (OSC) meet and sustain requirements for the Cybersecurity Maturity Model Certification (CMMC), DFARS, and other related CUI requirements.

Mr. Edens has served across various public and private capacities leading highly complex and demanding defense technology-driven operations, security, and intelligence activities. Mr. Edens has led digital transformation through implementation, operationalization, and horizontal/vertical integration of over $4.5B in technology platform systems. 
Mr. Edens led high performing organizations within the Special Operations and Intelligence Communities during multiple global deployments including Afghanistan and Iraq as a Senior DoD Intelligence Civilian, DoD contractor, and a US Army, active duty, Commissioned Officer. Under his leadership, activities were awarded 4 Defense Superior Civilian Service Awards (3rd highest award to a DoD Civilian) in 2012; 14 Bronze Stars, 12 Army Commendation Medals, and 6 Army Achievement Medals, in 2002, and other various agency commendations.

Tom Wollard's Profile

Tom Wollard Related Seminars and Products

Tom Wollard is the Senior Technical Program Manager on AWS’s CMMC Go-To-Market team.  Before coming to AWS, Tom spent 15 years as the director of Federal / DoD cybersecurity compliance for a SaaS Cloud Service Provider.  Tom has a JD from Rutgers Law School and is a retired USMC Aviator.

Additional Info

Basic Course Information



Advanced Preparation


Designed For

Accountability professionals working with government contractors, CPAs with government contractor clients and CPAs interested in learning how to add CMMC advisory and assurance services as new practice offerings 

Original Recording Date


Yellow Book


Course Developer

Business Professionals' Network (ACPEN)

Date Added to Catalog


Additional Information

Complaint Resolution Policy

Please contact Anne Taylor for any complaints. 

Official Registry Statement

Business Professionals' Network, Inc. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

Instructional Delivery Method

Group Internet Based

Refund/Cancellation Policy

Please contact the ACPEN help desk 1-877-602-9877 or if you wish to cancel your attendance for a previously purchased webcast and are requesting a refund or transfer.

Course Registration Requirements

Online Registration



Overall:      4.9

Total Reviews: 11


Lee F - Ann Arbor, Michigan

"I like he roundtable discussion on this issue."