Elevate

Lockheed Martin Just Drew a Line in the Sand; Are You CMMC Ready or Getting Left Behind?

Cybersecurity Maturity Model Certification (CMMC): Rulemaking Progress. As of June 30, Lockheed Martin has made it official per their new release on cybersecurity suppliers updates: CMMC (Cybersecurity Maturity Model Certification) Level 2 isn’t optional if you want to stay in their supply chain. If your business touches Federal Contract Information (FCI) or Controlled Unclassified Information […]

The 7 Steps for CMMC Self-Assessment and Certification Process

For organizations aiming to secure Department of Defense (DoD) contracts, achieving Cybersecurity Maturity Model Certification (CMMC) compliance is a vital requirement. Whether handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), this certification demonstrates a commitment to security and compliance, protecting sensitive data while reinforcing competitive positioning. Below, we break down the seven steps […]

How an AI Bias Audit wasn’t enough to avoid litigation risk: Workday story

In May 2025, a California federal court certified a nationwide collective action alleging Workday’s AI hiring tools systematically discriminated against applicants over 40. Lead plaintiff Derek Mobley, rejected from over 100 roles via Workday’s platform, argued the AI screening software disproportionately filtered out older candidates. Workday AI Discrimination Lawsuit: Lessons in AI Governance and AI […]

AI Governance: The New Roadblock for SaaS Selling to Enterprise? Here’s How to Get Ahead!

AI governance refers to the policies, procedures, and oversight mechanisms that guide the development, deployment, and monitoring of AI systems. For B2B SaaS companies serving mid-market and enterprise clients, AI governance is increasingly appearing in vendor questionnaires and client requirements. Depending on your company’s size, you may currently rely on internal policies and hope for […]

How Much Does it Cost to be CMMC Level 2 Compliant

While helping companies become CMMC compliant, we have learned a lot about the options available to them and how to become compliant with the 110 control requirements (over 300 control objectives) of the standard. Key CMMC pitfalls include: Organizations pursuing CMMC Level 2 certification often encounter significant challenges that can derail their compliance efforts and […]

How ISO 27001 Overlaps with ISO 42001

As organizations increasingly adopt artificial intelligence while maintaining robust information security practices, understanding the relationship between ISO 27001 and the new ISO 42001 standard becomes crucial for effective governance. What is ISO 27001? ISO 27001, formally known as ISO/IEC 27001:2022, is an international standard jointly created by the International Organization for Standardization (ISO) and the […]

Key Considerations for Conducting an AI Impact Assessment (ISO 42001)

Conducting an AI Impact Assessment is a critical requirement under ISO/IEC 42001, the international standard for Artificial Intelligence Management Systems (AIMS). This process enables organizations to systematically identify, evaluate, and manage the potential risks and benefits associated with AI systems—ensuring responsible, ethical, and compliant AI deployment. What is an AI Impact Assessment? An AI Impact […]

Defining CUI Boundary for CMMC Compliance

A Cybersecurity Maturity Model Certification (CMMC) assessment is a formal evaluation conducted by a Certified Third-Party Assessment Organization (C3PAO) to determine whether an organization meets the cybersecurity requirements of its targeted CMMC level. The primary focus is the protection of Controlled Unclassified Information (CUI), in alignment with the standards outlined in NIST SP 800-171. The […]

Moving Toward Unified Governance, Risk and Compliance

As organizations navigate their regulatory needs in 2025, many will recognize the growing operational complexity this brings to their business. The limitations of siloed Governance, Risk, and Compliance (GRC) functions are starting to become more evident. Traditional, fragmented approaches to GRC lead to inefficiencies, duplicated efforts, and a lack of visibility across enterprise-wide […]

How ISO 42001 Overlaps with ISO 27001 and ISO 9001

In the current digital landscape, organizations face increasing challenges in managing security, quality, and compliance. The introduction of ISO/IEC 42001:2023, a standard for Artificial Intelligence Management Systems (AIMS), provides a structured framework for ethical, secure, and transparent AI governance. This article examines how ISO 42001 aligns with ISO/IEC 27001:2022 (Information Security Management) and ISO 9001:2015 […]