CMMC Level 2, Done Right: Scope CUI, Build Evidence, and Get Assessment-Ready

If your organization supports DoD or federal contracting and handles Controlled Unclassified Information (CUI), CMMC Level 2 is where “basic safeguarding” becomes a structured, evidence-driven program.

This webinar is designed for small and mid-sized organizations (primes and subcontractors) that need a clear, practical path to Level 2 readiness without over-scoping, overspending, or building a compliance program that can’t be sustained.

In CMMC Part III, we will translate Level 2 into plain-English decisions your leadership, contracts, IT, security, compliance, and operations teams can execute—especially around scoping CUI, defining the assessment boundary, and building an evidence trail that holds up under review.

Format: ~30–40 minutes of instruction + 10–20 minutes moderated live Q&A

What You’ll Learn:

By the end of this session, you will be able to:

• Determine when Level 2 likely applies (CUI triggers and common edge cases)
• Explain CUI scoping in plain English: where it lives, who touches it, and what’s in/out
• Define a defensible Level 2 assessment boundary (including enclaves and shared services)
• Understand what “objective evidence” looks like at Level 2 (SSP/POA&M, logs, tickets, reviews)
• Identify the most common readiness gaps (identity/access, logging, vuln mgmt, IR, supplier/MSP responsibility)
• Outline a practical 60–90 day readiness path and how to sustain compliance over time

Who Should Attend:

• Executives/Owners/COO/President responsible for bid eligibility and risk decisions
• Contracts/Procurement/Subcontracts teams handling clauses and flowdowns
• CIO/CTO/IT leaders responsible for environment boundaries and implementation
• CISO/Security and Compliance leaders responsible for control operation and evidence
• Program/Operations leaders who manage day-to-day process discipline

Not sure if you handle CUI? Attend anyway! Part III will help you identify CUI “gotchas” and avoid accidental over-scoping.

Speaker Line:

Kim Irving (CEO) and Dan Van Wagenen (CTO), Minerva Cyber Technologies
Hosted in partnership with the MTEC Consortium with studio and event support by Carahsoft.