DOD official: Delays in certifying assessment organizations to shift expected CMMC timeline

By Sara Friedman / April 28, 2021 at 3:27 PM
The Pentagon is making changes to its rollout schedule for the Cybersecurity Maturity Model Certification program, due to issues with getting assessment organizations that will conduct audits for contractors fully credentialed by the Defense Department, according to a DOD official overseeing the pilots. All certified third-party assessment organizations need to obtain a CMMC level three certification in order to start conducting assessments for contractors. Those assessments are conducted by the Defense Contract Management Agency's Defense Industrial Base Cybersecurity Assessment Center,...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.