In this episode Jacob speaks with Shauna Weatherly from FedSubK.com.
Shauna recently retired from the federal government after serving more than 35 years in the federal acquisition / contracting space! During her career she served as chief of contracting, contracting officer representative, and as an advisor to the Civilian Agency Acquisition Council (CAAC).
She even has direct experience in the federal rulemaking process, and contributed to FAR case 2017-016, also known as the FAR CUI rule, which will contractually require the implementation of NIST SP 800-171 on federal contracts.
Join us as we pull back the curtain on the federal rulemaking process and more!
Here are some highlights from the episode:
- Shauna’s background
- Steps and roles involved in the federal rulemaking process
- What is a FAR case?
- What is OIRA’s role?
- The relationship between the FAR and DFARS
- How to provide effective public comments on regulations
- Impacts of FAR case 2017-16 - CUI rule
- Impacts of FAR case 2021-17 - Cyber Threat and Incident Reporting and Information Sharing regulation
- Impacts of FAR case 2021-019 - Standardizing Cybersecurity Requirements for Unclassified Information Systems
Follow Shauna on LinkedIn: / shauna-weatherly
FedSubK website: www.fedsubk.com/
-----------
Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!
Online GRC Training: grcacademy.io/courses/?...
Need a FedRAMP authorized Password Manager?
Start a free 14-day trial of Keeper: grcacademy.io/ref/keeper/b2b-...
See the CMMC controls that Keeper meets: grcacademy.io/ref/keeper/cmmc...
00:00 Beginning
00:24 Shauna's background
01:13 How FedSubK helps small businesses
03:13 Basics of rulemaking
04:04 Rulemaking process
06:05 Questions on FAR cases
06:54 Rulemaking process
07:43 OIRA's role in CMMC rulemaking
09:17 Rulemaking process
11:44 OIRA's responsibilities
12:13 Rulemaking process
14:12 How this process changes for interim final rules
15:17 Advice to the public on providing effective comments on regulations
15:59 Where can the FAR and DFARS cases be found?
17:10 FAR case 2017-16 - CUI rule
19:09 The status of the FAR CUI rule
21:31 How will federal government handle independent assessment requirements?
23:18 FAR case 2021-17 - Cyber Threat and Incident Reporting and Information Sharing regulation
24:47 When does the government consider conflicting regulations?
25:39 FAR case 2021-019 - Standardizing Cybersecurity Requirements for Unclassified Information Systems
27:29 Conclusion
Негізгі бет Ғылым және технология Behind the Curtain of Federal Rulemaking with Shauna Weatherly of FedSubK.com
Пікірлер: 2