What is CMMC? Understanding Cybersecurity Maturity Model Certification

With the Cybersecurity Maturity Model Certification “CMMC” model in January 2020 and an interim rule ushering in its use September 29, 2020 the requirement is beginning to take shape. The new framework brings with it an expectation for the Defense Industrial Base “DIB” which is comprised of contractors and subcontractors of the Department of Defense “DoD”. Estimates of the number of impacted companies is between 300,000 and 450,000 unique entities. These companies will need to obtain a certification in one of five levels of cybersecurity preparedness. Recertification is to occur anew, pending successful completion of a review, every three years once a required baseline is met.

Who will perform the assessment?

Right now:

Currently the CMMC-AB is credentialing its first groups of Provisional Assessors. These individuals (73 selected nationwide) will perform the first provisional assessments. In the beginning priority for certification will go to contractors bidding on, fulfilling or supporting a Federal contract with a CMMC requirement.

In the future:

Once the provisional period ends Assessments will be performed by independent certified assessors “CA’s”. These assessors will work with and independent review organization called a Certified Third Party Assessor Organizations “C3PAO’s”. Both CA’s and C3PAO’s are required to complete a training and credentialing process. Once successful completion of the review is validated a certification will be issued by the CMMC-AB.

Frequently Asked Questions CMMC and DoD related questions answered

There are allot of Cybersecurity Maturity Model Certification (CMMC) questions out and we hope we can answer them in our FAQ section with links to the The Office of the Under Secretary of Defense for Acquisition and Sustainment.

Seminars and Events CMMC Readiness Series Starts January 14th

The CMMC Firm and Saltmarsh Cleaveland & Gund are hosting a virtual series focusing on getting CMMC ready. Join us as we discuss calculating your cyber score.

Meet the TeamCMMC Firm Team Leaders Bios

Our team leaders with CMMC Firm have decades of professional experience in cyber technologies. Read their bios and see their credidations and contact information.