Jane is a CCA leading a CMMC assessment for an OSC. During the evaluation, Jane discovers that the OSC’s Chief Information Security Officer (CISO) is a former colleague with whom she had a contentious relationship in the past. Unbeknownst to the OSC, Jane still harbors resentment toward the CISO due to their previous conflicts. As the assessment progresses, Jane becomes increasingly critical of the CISO’s security practices, scrutinizing every detail and finding fault despite the OSC’s best efforts to demonstrate compliance. Given this scenario, how can a Certified CMMC Assessor’s personal bias impact the assessment of the OSC?
Submit