CMMC News and Recommendations
Latest CMMC Updates
- The final CMMC Rule will be coming out sometime between April – July 2021
- Certified Assessor will not be available until Summer/Fall 2021. The Licensed Training Providers were just recently approved and are ramping up their training program. The first training programs are expected to be available in April 2021.
- DFARS Provisions 252.204-7019 & 252.204-7020 are only applicable to contractors required to implement the NIST SP 800-171 standards per DFARS Provision 252.204-7012.
- The CMMC Pilot Program (Year 1 CMMC Contracts) will include contracts from:
- Army, Navy, Air Force, Missile Defense Agency, Defense Logistics Agency
- The Office of the Undersecretary of Defense for Acquisition and Sustainment (OUSD (A&S)) is exploring opportunities to pursue CMMC pilots outside of the DoD to include: GSA, DHS, and possibly the Department of Interior
A final tip…When searching for Cyber Security Consultants and C3PAOs, ensure that you are selecting yours from the CMMC-AB Marketplace. There are many “poser” marketplaces out there, especially for C3PAOs, and contractor companies are not getting what they’re paying for.
Cybersecurity isn’t simply about rule-following. Done right, it can be a catalyst for opportunity and business growth.