In this conversation, Bobby Guerra and Kaleigh Floyd discuss the recent release of the 32 CFR Final Rule and its implications for organizations. They explore the importance of self-assessments, the complexities involved, and the distinctions between different types of compliance measures such as enduring exceptions, operational plans, and temporary deficiencies. 

The conversation also delves into the differences between Cloud Service Providers (CSPs) and External Service Providers (ESPs), providing insights into how organizations can navigate these new regulations effectively. Kaleigh and Bobby discuss FedRAMP requirements, the importance of understanding inheritance in compliance frameworks, and the recent changes in certification requirements for CCPs and CCAs.

LinkedIn: https://www.linkedin.com/in/bobbyguerra/
Website: https://www.axiom.tech/
YouTube: https://www.youtube.com/channel/UCaJagoDasNG3MqLqw2Af_ZQ
Kaleigh's: (1) Kaleigh Floyd | LinkedIn