Where are you at on your journey to CMMC certification?


With the implementation of the Cybersecurity Maturity Model Certification (CMMC) 2.0 program,
the Department of Defense has introducing several key changes that build on and refine the original program requirements.

These are:

Streamline
Model

~Focused on the most critical requirements:
Streamlines the  model from 5 to 3 compliance levels

~Aligned with widely accepted standards:
Uses National Institute of Standards and Technology (NIST) cybersecurity standards

Read more

Reliable Assessments


~Reduced assessment costs:
Allows all companies at Level 1,
and a subset of companies at Level 2,
to demonstrate compliance through self-assessments

~Higher accountability:
Increases oversight of professional and ethical standards of third-party assessors

Read more

Flexible Implementation


~Spirit of collaboration:

Allows companies, under certain limited circumstances, to make Plans of Action & Milestones (POA&Ms) to achieve certification

~Added flexibility and speed:

Allows the Government to waive inclusion of CMMC requirements under certain limited circumstances

Read more