DFARS Cybersecurity Webinar Series #16

"Complying with the DoD Assessment Methodology and DIBCAC Assessment Process", featuring John Ellis, DCMA

This webinar was broadcast live on Wednesday, January 20, 2021.

Cost: free

SYNOPSIS


New DFARS Interim Rules went into effect in December 2020, forcing defense contractors to adhere to new processes and requirements, and placing greater emphasis on compliance with cybersecurity regulations. Contractors who handle Controlled Unclassified Information (CUI) must now conduct self-assessments of NIST 800-171 compliance status in accordance with NIST 800-171A assessment guidance; score themselves on a subtractive, weighted formula as prescribed by the DoD Assessment Methodology scoring system; and report their scores and expected POAM completion dates to the government through the Supplier Performance Rating System (SPRS) in order to remain eligible to win new contract awards that involve handling CUI. In addition, the DCMA's Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) is now able to mandate more detailed analysis of contractor compliance through Medium and High confidence assessments at the government's discretion. For Medium and High assessments, DIBCAC personnel may perform detailed reviews of contractor SSPs, or conduct full NIST 800-171A evidence-based assessments of contractor compliance.

In this webinar, John A. Ellis, Director of the DCMA's Software Division, will provide key information that all defense contractors should understand about what is required, what to expect, and how to prepare for the DoD Assessment Methodology and DIBCAC assessment process; and cybersecurity compliance experts from eResilience will share best practices for prime contractors and subcontractors to assist in navigating compliance challenges.

John A. Ellis
Director, Defense Contract Management Agency's (DCMA) Software Division
John A. Ellis, Director of the Defense Contract Management Agency's (DCMA) Software Division, has been a leader in the DCMA's effort to improve cybersecurity compliance across the Defense Industrial Base. Mr. Ellis, a retired Army Colonel, served on active duty for more than 30 years. Commissioned as a second lieutenant in the Field Artillery in May 1985, he became a member of the Army Acquisition Corps in 1995 and served in a variety of assignments, both stateside and abroad, until his retirement on 1 June 2015. Mr. Ellis’ DCMA experience began as the Commander of the Future Combat Systems (FCS)/Army Modernization Programs (AMP) contract management office in St. Louis, MO, and he culminated his active duty career as DCMA’s Central Region Commander. Mr. Ellis is a Member of the Defense Acquisition Corps and is Level III certified in 3 disciplines: Information Technology; Program Management; and Engineering. John is also a Certified Information Systems Security Professional (CISSP).