Defense industry group raises concerns over terminology for 'managed service providers' in CMMC assessment guide

By Sara Friedman / August 30, 2022 at 2:15 PM
The National Defense Industrial Association is seeking clarity from the accreditation body behind the Pentagon's cyber certification program on how managed service providers can be used to help companies reach compliance and address reciprocity. The Cyber Accreditation Body released the first version of its Cybersecurity Maturity Model Certification assessment process guide, known as "the CAP," in July for public comment. The guide for the CMMC program is marked as "pre-decisional" because DOD's work to finalize the rulemaking is still in...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.