CMMC Accreditation Body
Built to Listen. Organizational Structure.
The following is provided for informational purposes only and may change once the board adopts the bylaws. There will be opportunities for industry involvement in the CMMC-AB through the Councils which will be independent advisory bodies. Additionally, the board will form committees, which will then, in turn, create specific issue-oriented working groups.
Stay tuned in the coming weeks and months for details on how you can participate in Councils and Working Groups.
- Karlton D. Johnson, Chairman
- Jeff Dalton, Vice Chairman
- Sheryl Hanchar, Secretary
- Yong-Gon Chon, Treasurer
Chairman, Board of Directors
Karlton D. Johnson is a senior executive and respected visionary leader with over 32 years of subject matter experience in strategic leadership & risk, partnership creation, organizational excellence, mission assurance, cybersecurity and enterprise communications technologies. Mr. Johnson has deep expertise in bringing insight, clarity and direction towards empowering critical decisions that solve complex problems for organizations. He also has a proven track record of identifying growth opportunities that deliver tangible efficiencies for companies and has broad international experience consulting to foreign governments in driving large-scale program initiatives from requirements to full implementation.
A decorated combat veteran, he previously served as the Chief Information Officer (CIO) for the Multinational Security Transition Command-Iraq. Under his leadership, his joint team conducted numerous combat missions in hostile fire zones to build revolutionary ICT capabilities for the Iraqi Ministries of Defense, Interior, and the Counter-Terrorism Bureau. In his final posting, he served with distinction as the Senior US military executive/CIO and lead cyberspace expert adviser to the 4-star Commander at United States Forces-Korea, Seoul, Republic of Korea. As the Korean Peninsula’s senior U.S. cyber executive, he led elite Joint military, civilian, and contract personnel in providing strategic oversight for all U.S. communications in the Republic of Korea supporting 28,000 military personnel, and he was the principal U.S. military liaison to Republic of Korea’s cyber organizations for bilateral cyberspace cooperation.
In 2014, Mr. Johnson retired from USAF Active Duty as a Colonel after 26 years of honorable service. Over his long and distinguished career, he successfully developed solutions that enabled business transformation globally for large, multinational organizations, exercised strategic leadership in firms of up to 47,000 employees, and led resource asset portfolios up to $5.5 billion. He is currently the Chief Executive Officer of Delaine Strategy Group LLC, a strategic advisory practice providing counsel to C-Suite leaders in the public, private, non-profit and government sectors.
Mr. Johnson serves in senior leadership positions on other Boards, and he also holds several Master’s Degrees and executive Graduate Certifications from various institutions to include George Washington University, National Defense University, West Virginia University, ISACA and the U.S. government.
Vice Chairman, Board of Directors
Chair, Accreditation & Credentialing Committee
Board of Directors
Jeff Dalton is President and CEO of Broadsword and Chief Evangelist with AgileCxO.org.
He is a Certified CMMI Lead Appraiser and AgileCxO Lead Assessor, and author of Great Big Agile: An OS for Agile Leaders. He is the principal author of the CMMI Institute’s “Guide to Scrum and CMMI: Improving Agile Performance with CMMI” and was the first, third, and fourth Chairman of the CMMI Institute Partner Advisory Board, where he led the group through their transitionary period from the Software Engineering Institute, where he was Vice Chairman and later Chairman of their Partner Advisory Board.
Dalton has a background in technology leadership, and has served as Director and VP or Product Development and Quality with multiple companies, and was a Senior Manager and Chief Technology Executive at Ernst and Young, LLP.
Jeff is an active jazz bassist who builds experimental aircraft, and lives with his wife of 25 years in Marathon, FL.
Secretary, Board of Directors
Sheryl Hanchar is Vice President and Chief Information Security Officer (CISO) at Cobham Advanced Electronic Solutions (CAES) where she leads the company Information Security and Governance, Risk, and Compliance programs.
Sheryl has over 25 years of Information Technology and Security experience serving in leadership roles for international multibillion-dollar firms with responsibilities of managing cybersecurity and information technology risk, supply chain risk, regulatory compliance, budget and financial scaling, and operational improvements.
Prior to her current role, Sheryl held the titles of CISO and vCISO providing guidance and strategy at HireRight, a background screening firm, and at Ingram Micro where she delivered framework and strategy aligned with acquisition and migration implementation.
As Global Deputy CISO for Broadcom Corporation, she led divisions aligned with Cyber, Insider Threat and Identity and Access Management and product\supply chain security initiatives. She was Chairman of and founded the Veteran Employee Resource Group (VERG). While at Harris Corporation, Sheryl established and managed the Security Operations Center, Incident Response, and Threat Mitigation teams. During this time, Sheryl partnered with the Defense Industrial Base (DSIE) to grow intelligence-sharing capabilities aligned with protecting our nation’s warfighting tools and technological secrets. Sheryl also held leadership positions preparing firms for PCI and IT Audits.
Sheryl is an Officer within the Information Warfare Community with 20 years of service in The United States Navy Reserves. She is a veteran of Operation Iraqi Freedom, where she served in Iraq (2004) leading the implementation of the Navy’s down-range communications.
She holds a Master of Science in Information Security from Pace University, a Bachelor of Science in Information Systems from Dominican College, and has received many distinguished awards. She has been recognized for her speaking engagements, has authored multiple publications, and has achieved the certifications CISSP, CEH, CISA, and GCIH.
Sheryl’s volunteer service includes her 3-year trustee position with a local veteran’s organization in Satellite Beach FL, mentoring junior cyber warfighters on resume writing, certification preparation, and career paths. She is married and lives in the Melbourne, FL area with her dog, Tebow.
Treasurer, Board of Directors
YG brings more than 25 years of experience building and leading global security teams currently investing & advising cybersecurity companies and investors as co-founder and managing partner of GroCyber. He brings 15 yrs of practical experience working with the NIST SP-800 Series and in 2010 was responsible for leading the early adoption of what is now known as FedRAMP by some of the largest cloud providers during his time at SecureInfo.
Mr. Chon was previously CEO of Focal Point Data Risk and currently sat on the boards of RiskRecon (acquired by MasterCard) & Cloudentity and fellow at the Culinary Institute of America. Mr. Chon also led the cyber division of Kratos Defense and Security Solutions after its acquisition of SecureInfo.
Mr. Chon has held senior leadership positions across numerous cyber security organizations including: Cybertrust, iDefense, MCI, SRA executing professional services for Fortune 1000 and public sector clients. Mr. Chon has served as an adjunct professor at The George Washington University and holds a B.S. in Emergency Medical Services Management from GWU as well. Mr. Chon is a published author and frequent speaker at industry events, TV and radio.
Co-Chair, Accreditation & Credentialing Committee
Board of Directors
Akin Akinbosoye is Director of Cybersecurity at MxD with more than 20 years of experience across Healthcare, Services and Financial Services in operations, risk management and Cybersecurity. Most recently with responsibility for Cybersecurity across Allstate Financial Businesses as the Business Information Security Officer reporting through the CISO’s organization with dotted-line accountability to the CIOs and Business area leadership for these companies. Prior to Allstate, Akin was a Senior Large Bank IT/Cyber Risk Examiner with the Federal Reserve Bank of Chicago with oversight responsibilities for Large/Complex Financial Services Institutions across the Federal Reserve System. Akin, holds a Certificate in Advanced Graduate Studies from Northwestern University, Masters in MIS and Accounting from Middle Tennessee State University; and a Bachelor in Economics. In addition to industry recognized certificates in the fields of Security, Audit and Risk Management.
Chair, Communications Committee
Board of Directors
Wayne joined Raytheon at Missile Systems in Tucson, AZ in 2003 as the Network Manager responsible for classified/unclassified networks and voice systems for the 10,000+ member business. Before joining Raytheon, he served nearly 23 years in the US Air Force acting in both enlisted and officer roles responsible for areas in Electronic Warfare, Telecommunications, Computer Crime Investigations, and Communications-Computer Systems. In 2006 he transferred to the Raytheon Corporate IT Security organization in Texas and has held roles in Cybersecurity Incident Response and Cybersecurity Information Sharing and Collaboration. He was Senior Manager with Raytheon Global Business Services (GBS) and led the Global Cyber Compliance Services (GCCS) team until April 2020 when he began leading the Enterprise Compliance group of the newly formed Raytheon Technologies (RTX), a merger of Raytheon and United Technologies. In Jan 2021 he took on the new role of leading Strategic Relationships in the Cyber Policy and Compliance group.
Wayne served five years (2011-2016) as the Chairman of the Board of the Defense Security Information Exchange (DSIE) and is a current board member of the National Defense ISAC, the RTX representative to the DOD Defense Industrial Base (DIB) Cybersecurity Program, and Co-Chair of the Aerospace Industries Association (AIA) Cyber Security Committee.
Wayne holds the CISSP, ISSMP, and CCSP certifications.
Chair, Committee on Standards
Co-Chair, Training Committee
Board of Directors
Regan Edens, Chief Transformation & Compliance Officer and Co-Founder of DTC Global. DTC Global provides digital transformation and compliance turn-key solutions for large defense contractor ecosystems, small and mid-size businesses, and tier suppliers. Mr. Edens is a subject matter expert regarding technology, security, and compliance challenges on the “path to compliance” for USG Controlled Unclassified Information, 32CFR §2002 (CUI) requirements including Export Controlled information requirements under ITAR and EAR.
Mr. Edens has served across various public and private capacities leading highly technical, complex, and extremely demanding DoD technology-driven transformation, operations, security, and intelligence activities. Mr. Edens has led the rapid implementation of over $3.5B integrated platforms systems. Mr. Edens is a plank holder member of the National Cyber Moonshot.
Mr. Edens led high performing organizations within the Special Operations and Intelligence communities during multiple deployments to Afghanistan and Iraq as a senior DoD Intelligence civilian, DoD contractor, and a US Army, active duty, Commissioned Officer. Under his leadership, activities were awarded 4 Defense Superior Civilian Service Awards (3rd highest award to a DoD Intel civilian) 2012; 14 Bronze Stars, 12 Army Commendation Medals, and 6 Army Achievement Medals, 2002, and other various agency commendations.
Mr. Edens is a Co-Founder of the Institute for Excellence in Cyber Security Governance, an organization primarily focused on training and educating leaders on strategies and best practices for improving cyber governance “beyond the CIO” among cross-discipline organizational stakeholders. The IECSG is an umbrella organization comprised of institutions of higher learning, professional interest groups, private/public entities, and industry members. Seeking to address the barriers preventing good cyber governance, security, and compliance among a diverse group of large companies and under-represented small and mid-sized businesses (SMB) and other sub-tier suppliers. Strengthening opportuni[es for military veterans through cyber governance training and education.
Facility Security Officer
Board of Directors
Paul is the President and Founder of Monoc Securities LLC. Monoc Securities LLC is a Veteran-owned Small Business (VOSB) providing multi-discipline security consulting services to cleared companies or those seeking to be cleared within the National Industrial Security Program (NISP). Paul has participated within the NISP for 20 years working with the Intelligence Community, Department of Defense, and Department of Energy balancing U.S. Government regulatory and security requirements with organizational strategic goals and financial objectives.
Prior to founding Monoc Securities LLC, Paul served as the Senior Vice President for Security and Chief Security Officer for Cobham Advanced Electronic Solutions (CAES), a major aerospace and defense contractor. Prior to Cobham, Paul lead the security programs at ITT Night Vision, CB&I Federal, and the National Academies of Science, Engineering, and Medicine in Washington D.C.
Paul is a National Association of Corporate Directors (NACD) Governance Fellow, holder of NACD’s prestigious Directorship certification, and has completed the NACD sponsored CERT Cyber Risk Oversight Certificate program. Paul holds multiple security & cybersecurity certifications and is a graduate of American Military University (AMU) with a master's degree in Security Management.
Chair, Training Committee
Board of Directors
Ben Tchoubineh is a serial entrepreneur and is currently actively involved as a guide and strategist in three organizations that he’s founded: Phoenix TS is a leading IT, Management, and Cybersecurity professional training organization serving all branches of the DOD, multiple other federal agencies, and the private sector. His second enterprise, 30 Bird Media, is a premier publisher of educational content focusing on Cybersecurity and IT, serving training organizations, colleges, and universities worldwide. And finally, CyNtell provides Cybersecurity consulting services to small and medium-sized organizations as well as the DOD and the Federal Government. Ben is also on the board of Cyber-Spa, a software company focused on improving overall laptop performance.
Ben was born in the Middle East, then lived in France and Germany, before he emigrated to the United States at the age of fifteen and subsequently became a US citizen. He earned a B.S. in Computer Science at the University of Maryland College Park and holds dozens of industry certifications in Web and Application Development, Systems Administration, Database Management, and Cybersecurity.
Since graduating from UMD in the early 1990s, Ben worked as a programmer, and then as a consultant and technical training instructor for multiple US military agencies and private organizations worldwide. He has authored technical courses on numerous aspects of systems security, as well as DOD certification on and accreditation processes, including DITSCAP, DIACAP and now their successor, Risk Management Framework (RMF). He incorporated his first business in 1998 and since then has developed a love of leadership and ethical organizational development focusing on team motivation, collaboration, and productivity.
Ben is fluent in English, French, and Farsi and can get by in Spanish. In his spare time, Ben dabbles in painting and screenwriting. He lives with his wife of 23 years, Firoozeh, and his son and daughter in Columbia, MD.
Board of Directors
As President of CWilliams LLC, Charlie Williams provides strategic advice and support to the defense industry and government officials in all matters of acquisition planning, contract formation, and general contract management processes. Additionally, Mr. Williams lends support to the industry in ways that enable large and small companies, maneuver their way through the complexities of the defense acquisition system.
In August 2016, Mr. Williams was appointed as a Commissioner to the congressionally mandated Section 809 panel established to reform the Defense Acquisition Regulatory System. Mr. Williams served on the National Contract Management Association’s Board of Directors for six years and was the President in PY2019. He currently serves as Vice-Chair, Planning, for the Procurement Roundtable, and as a member of the Board of Advisors for U.S. Federal Solutions, Inc. He has served as a member of the Defense Acquisition University’s Board of Visitors and as a SAGE with the Partnership for Public Service.
Prior to establishing CWilliams LLC, Mr. Williams served as the Director of the Defense Contract Management Agency. As Director, he was responsible for leading a Department of Defense Agency that consisted of more than 12,000 civilians and military personnel who execute worldwide contract management responsibilities, covering more than 18,000 contractors and contracts valued at more than $5 trillion. Mr. Williams launched his career as a civilian member of the United States Air Force acquisition community eventually rising to the position of Deputy Assistant Secretary Contracting, in the Office of the Assistant Secretary of the Air Force for Acquisition. During that time, he also served as the U.S. representative to the NATO Airborne Early Warning and Control Program, Board of Directors.
Mr. Williams is a member of the Defense Acquisition Corps and is Level III certified in Contracting. He holds a Bachelor of Science degree from Middle Tennessee State University, Murfreesboro, and a Master’s Degree from Tennessee State University, Nashville. He is also a 1996 graduate of the Industrial College of the Armed Forces, where he earned a Master’s Degree in national resource management.
Included amongst his awards are the Meritorious Executive Presidential Rank Award and the DoD Medal for Distinguished Civilian Service.
- Board members self-nominate
- Board chairman will select Directors, who are then approved by the board
- No more than 1 Director from any single organization
- US Citizen
- Non-felon, must be able to obtain clearance
- Director terms are staggered from 1-3 years
- May not work for a company planning to perform CMMC assessments
- Any Director may serve no more than two 3 year terms and partial terms
- Personal commitment to protecting the United States through improved cybersecurity
- 40+ hours of time per month on average during the first year
- Monthly board meetings
- Frequent Committee meetings
- DoD Supply Chain Community leadership through board committees and advisory councils
- Minimum of two in-person meetings per year in the DC area (travel expenses reimbursed)
The CMMC-AB is accountable for delivering:
- The assessments for 300,000+ companies in the DoD supply chain
- Training for assessors and C3PAOs (Certified 3rd Party Assessor Organizations)
- Infrastructure to support its mission
- Accreditation of organizations and assessors participating in the process
- Adjudication of any protests or issues that develop with individual contractors or audits
- Forward-thinking innovation to automate and improve the cybersecurity defensive posture of the supply chain