Mar 15 (edited) • General discussion
Who I Am and Why You Should Trust What You Learn Here
I am JD Ussery, and I am building The CMMC Readiness Vault and this community because I am a practitioner and saw a gap that needed to be filled.
There is no shortage of CMMC content. There are webinars, white papers, LinkedIn posts, vendor pitches disguised as education, and plenty of consultants who discovered CMMC six months ago and now claim to be experts. What is in short supply is practical, accurate, implementation-focused guidance built by someone who is doing this work.
That is what I bring to the table. Here is my background so you can evaluate it for yourself.
The IT Leadership Foundation
I serve as Associate CIO of Enterprise Applications at the University of Arkansas, Fayetteville, where I oversee enterprise and business application teams for a major research university. Before that, I held IT leadership roles at the University of Wisconsin-Madison and in the private sector, including Vitro Corp, RCA, Crop Production Services, CSC, and IBM. My career spans enterprise IT architecture, data governance, information security, and the operational realities of running complex technology environments in large organizations.
I hold CIGO (Certified Information Governance Officer), PMP, and ITIL certifications. I am not a theorist. I have spent decades managing the systems, processes, and organizational dynamics required by CMMC compliance. I am a CMMC Registered Practitioner (RP) and working toward Registered Practitioner Advanced (RPA) certification.
The CMMC Practitioner Perspective
My CMMC work is grounded in direct, hands-on experience. At the university level, I am working on CMMC compliance documentation, including System Security Plans, procedure manuals, authorization and access registers, and the workflow specifications needed to operationalize NIST SP 800-171 controls in a complex institutional environment. I understand the unique challenges of implementing CMMC in higher education: shared governance, transient research workforces, faculty autonomy, and the scoping complexity of CUI in a research university. Course 5 (CMMC for Higher Education) will address this specifically with the depth it requires.
For the broader defense industrial base audience, I am building out the CMMC Mastery Series as a five-course, practitioner-to-practitioner CMMC readiness training program that covers the full journey from foundational concepts through Level 2 implementation and C3PAO assessment readiness. Every course, every module, every practice-by-practice implementation guide, and every exercise in this series was developed from the perspective of someone who has to make these controls work in real environments, not from an abstract compliance framework or a consultant that doesn't have to live with the results.
The Military Background
I am a U.S. Navy veteran. I served as a Fire Control Technician (weapons system/radar technician) aboard the USS Callaghan DDG 994. That experience gave me something that shapes everything I do professionally: an understanding that the systems we protect and the information we safeguard have real consequences for the people who depend on them. CMMC is not a bureaucratic exercise. It exists because adversaries are actively stealing information that undermines the capabilities of the men and women who serve. I take that personally, and it is why I approach this work with the seriousness it deserves.
What This Means for You
I am not selling you a certification. I am not a C3PAO. I am not going to assess your organization. I'm a practitioner doing this work, I understand both the technical controls and the organizational realities of making them stick, and I've built this community to help others do the same.
This is a practitioner helping practitioners. That is the premise of the CMMC Readiness Vault, and it is the standard I hold myself to in everything you will find here.
If you have questions about my background, my approach, or anything in the courses, ask. I am here, and I am accessible. That is the point of a community.
Let's get this right, together. The clock’s ticking.
-- JD Ussery
CMMC Readiness Vault
0
0 comments
Who I Am and Why You Should Trust What You Learn Here
skool.com/cmmc-readiness-vault
Learn how to prepare for CMMC Compliance. Practitioner-led CMMC Readiness community. Real implementation guidance, templates, and peer support.
Powered by