May 5 | The Hotel UMD, College Park, Maryland

View from the Application Owner (D01a)

05 May 2025
10:50

View from the Application Owner (D01a)

This talk, presented by Mr. Novakoff, explores tools, techniques, best practices, and challenges of CMMC compliance from the perspective of an application owner. Key topics include:

The pros and cons of using FedRAMP versions of applications to reduce compliance effort
Accessing vendor CIS/CRM documentation—whether it exists and how to obtain it
Aligning FedRAMP controls with CMMC controls
Identifying and addressing CSP, shared, and customer controls
Documenting compliance using FedRAMP versus CMMC controls
Accounting for internal and customer security requirements
Collaborating with internal security teams
Engaging with RPOs and C3PAOs
Preparing control artifacts
Leveraging software tools
Mr. Novakoff, a Certified CMMC Professional (CCP) and Senior Solution Architect for Salesforce’s internal CMMC-compliant Customer Relationship Management system, draws on his extensive experience, including his previous role as a CMMC/FedRAMP Subject Matter Expert at Accenture Federal.