Who Should Be Interviewed During a CMMC Assessment?
During assessment planning, theOrganization Seeking Certification (OSC)may suggest personnel for interviews. However, the person interviewedmustbe someone who:
✅Implementsthe practice (directly responsible for executing it).
✅Performsthe practice (carries out day-to-day security operations).
✅Supportsthe practice (provides necessary resources or oversight).
Why "Implements, Performs, or Supports That Practice" is Correct?
Theassessor needs direct insightsfrom individuals actively involved in the practice.
Funding (Option A)does not providetechnical or operationalinsight into practice execution.
Auditing (Option B)focuses on compliance checks, but auditorsdo not implementthe practice.
Supporting, auditing, and performing (Option C)includesauditors, who arenot necessarily the right interviewees.
Breakdown of Answer Choices
Option
Description
Correct?
A. Funds that practice.
❌Incorrect–Funding is important but doesnot mean direct involvement.
B. Audits that practice.
❌Incorrect–Auditors check compliance but donot implementpractices.
C. Supports, audits, and performs that practice.
❌Incorrect–Auditing isnot a requirementfor interviewees.
D. Implements, performs, or supports that practice.
✅Correct – The interviewee must have direct involvement in execution.
Official References from CMMC 2.0 Documentation
CMMC Assessment Process Guide (CAP)– Requires that interviewees bedirectly responsiblefor implementing, performing, or supporting the practice.
Final Verification and Conclusion
The correct answer isD. Implements, performs, or supports that practice, as the interviewee mustactively contribute to the execution of the practice.
Submit