There has been much talk about the CMMC (Cybersecurity Maturity Model Certification) Program. Let’s take a minute to understand the levels of compliance that you may have to meet.
There are 17 Domains that are spread over 5 levels of the maturity categories.
You now know about the Cybersecurity Maturity Model Certification (CMMC) but let ‘s discuss a little about the different types of people and groups associated within this ecosystem. We are going to break these individuals down into two groups. The organizations registered through the CMMC AB , and the individual people registered through the program (for now we are leaving out other ancillary categories).
Organization
C3PAO’s (Certified Third-Party Auditing Organizations)
This is a company that has met all CMMC certification criteria and submitted the requisite documents to the CMMC AB to qualify as an organization that can contract directly with a Government Contractor for the purpose of either a pre-assessment or a certified third-party assessment.
Now that we are well into 2021, many of you may be starting to wonder more about CMMC certification and what it entails. I thought I would write a series of blogs that might help you better understand the CMMC process. This will serve as the first in this series of blogs.
The US Department of Defense (DoD) recently released new rules about data protection that its contractors need to abide by. Due to the sensitive nature of the data DoD vendors deal with, as well as the increasing prevalence of cybercrimes, it’s imperative that the agency maintains full control over its information assets.
The new CMMC model was created by The Department of Defense under the Secretary of State. This program was designed in order to keep Controlled Unclassified Information (CUI) out of the hands of government officials who are not DFARS compliant.
DFARS (Defense Federal Acquisition Regulation Supplement) and CMMC accreditation will now be required for all government contractors and suppliers with CUI access.
Advanced Update on the Cybersecurity Maturity Model Certification CMMC
I know many of you have been following the roll-out of the CMMC rules and requirements. I wanted to take a minute to update you on what we know. F1 recognized well over a year ago the impact that this new requirement would have on you, our customers, and we made a push to stay in the know.
The Department of Defense under the Secretary of State has recently created the new CMMC (Cybersecurity Maturity Model Certification) program. This program was begun in response to the high amount of government contractors with access to CUI (Controlled Unclassified Information) who have not achieved DFARS (Defense Federal Acquisition Regulation Supplement) compliance.
Many of you may have begun to hear about a new requirement that will be placed in your RFP contracts next year called the Cybersecurity Maturity Model Certification (CMMC). As your trusted advisor with new cyber regulations, I wanted to give you an update on what is known about this program.
