GSA plans to make CMMC requirements 'in scope,' rather than a requirement, for its contract vehicles

By Sara Friedman / May 20, 2021 at 2:24 PM
The General Services Administration will allow civilian federal agencies to decide whether to include requirements from the Pentagon's cyber certification program in individual contracts that utilize GSA offerings for facilitating their information technology purchases. GSA included language for DOD's Cybersecurity Maturity Model Certification program in its new STARS III and Polaris solicitations, with an intent to give agencies flexibility, GSA's Keith Nakasone said Wednesday at a CMMC conference hosted by FCW . "CMMC will be in scope, but requirements will...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.