Andrew F. Hoover
CERT
Andrew Hoover is an SEI alumni employee.
Andrew Hoover is a senior engineer and the team lead of the Resilience Engineering Team in the CERT Division of Carnegie Mellon University’s Software Engineering Institute. In this role, Hoover focuses on cybersecurity architecture, cyber resilience, critical infrastructure protection, and teaches the CERT Resilience Management Model (CERT-RMM) course. Hoover has 16 years of experience in the information technology field. Hoover holds a bachelor of science degree in information systems from the University of North Carolina as well numerous security-related certifications, and he remains active in the cybersecurity community.
Publications by Andrew F. Hoover
-
An Introduction to CMMC Assessment Guides
December 08, 2020 • Podcast
Katie C. StewartAndrew F. Hoover
In this SEI Podcast, Andrew Hoover and Katie Stewart, architects of the CMMC 1.0 model, discuss the CMMC assessment guides, how they were developed, and how they can be used.
learn more -
The CMMC Level 3 Assessment Guide: A Closer Look
December 08, 2020 • Podcast
Andrew F. HooverKatie C. Stewart
Andrew Hoover and Katie Stewart, architects of the CMMC 1.0 model, discuss the Level 3 Assessment Guide for the CMMC and how it differs from the Level 1 Assessment Guide.
learn more -
The CMMC Level 1 Assessment Guide: A Closer Look
December 08, 2020 • Podcast
Katie C. StewartAndrew F. Hoover
Andrew Hoover and Katie Stewart, architects of the CMMC 1.0 model, discuss the Level 1 Assessment Guide for the CMMC.
learn more -
Optimizing Process Maturity in CMMC Level 5
October 13, 2020 • Podcast
Katie C. StewartAndrew F. Hoover
Andrew Hoover and Katie Stewart, architects of the CMMC 1.0 model, discuss the Level 5 process maturity requirements, which are standardizing and optimizing a documented approach for CMMC.
learn more -
Reviewing and Measuring Activities for Effectiveness in CMMC Level 4
October 08, 2020 • Podcast
Andrew F. HooverKatie C. Stewart
Andrew Hoover and Katie Stewart, architects of the CMMC model, discuss reviewing and communicating CMMC activities and measuring those activities for effectiveness, which are requirements of Level 4 of the model.
learn more -
CMMC Scoring 101
September 03, 2020 • Podcast
Katie C. StewartAndrew F. Hoover
Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC) 1.0, discuss how assessed DIB organizations are scored according to the model.
learn more -
Developing an Effective CMMC Policy
August 25, 2020 • Podcast
Andrew F. HooverKatie C. Stewart
Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC) 1.0, present guidelines for developing an effective CMMC policy.
learn more -
Documenting Process for CMMC
July 30, 2020 • Podcast
Katie C. StewartAndrew F. Hoover
Andrew Hoover and Katie Stewart, architects of the Cybersecurity Maturity Model Certification (CMMC) 1.0, discuss process documentation, a Level 2 requirement.
learn more -
CMMC Levels 1-3: Going Beyond NIST SP-171
July 01, 2020 • Podcast
Katie C. StewartAndrew F. Hoover
Andrew Hoover and Katie Stewart, CMMC architects, discuss Levels 1-3 of the model and what steps organizations need to take to move beyond NIST 800-171.
learn more -
The DoD’s Cybersecurity Maturity Model Certification and Process Maturity 1.0 (CMMC 1.0)
April 09, 2020 • Webinar
Katie C. StewartAndrew F. Hoover
This webcast provides insight into how organizations can prepare for CMMC.
watch -
A Targeted Improvement Plan for Service Continuity
April 08, 2019 • Technical Note
Andrew F. HooverGavin JureckoJeffrey L. Pinckard
Describes how an organization can leverage the results of a Cyber Resilience Review to create a Targeted Improvement Plan for its service continuity management.
read -
A Scorecard for Cyber Resilience: What We Have Observed
November 03, 2016 • Presentation
Robert A. VrtisAndrew F. Hoover
In this presentation, the speakers discuss the Cyber Resilience Review (CRR).
read