I’ve been working as a QA manager for a grand total of one week and one day for a subcontractor in the aerospace and defense industry. My boss has elected me with the sole responsibility of making our company both DFARS (NIST 800-171) compliant and AS9100 certified, which sounds like a herculean and nigh impossible task for somebody with my level of experience.
I’m going to be continuing my duties as the QA manager, though I’ve caught us up by about a month within a week’s time which is pretty good, but I’ll have to dedicate my time on the weekends to making sure this company can legally handle CUI and report directly to the big names in the aerospace industry without working through a contractor that is AS9100 certified.
I have an idea of where to start with DFARS. It seems not difficult, as it is a fairly small business of less than 20 people, and only a quarter of whom operate their own workstations.
He says if I can handle this, which will be extremely difficult, perhaps the most pressure I’ve ever felt in my life, he’s promising me a $30-40 hourly wage because he’s too stupid to do it himself or hire somebody with expertise in this area.
MY QUESTIONS ARE:
How long do you think it will take to at least become DFARS compliant, if you imagine the network has as much security as a wishing well?
Is it very difficult to become AS9100 certified? I have no experience with the documentation whatsoever but I like to think I’m sharp and learn quickly.
Is this even possible? I feel like he set me up for failure. Either I get it done, or he kicks me to the curb, he practically said.
Thank you to everybody who responds.