Pentagon waivers for CMMC requirements to be determined based on DOD contract needs

By Sara Friedman / April 13, 2022 at 10:51 AM
The use of waivers for the Pentagon’s Cybersecurity Maturity Model Certification program will be determined based on the needs of acquisition officials for specific contracts, not the qualifications of a company bidding for contract selection, according to CMMC director Stacy Bostjanick. The Defense Department is in the rulemaking process to implement significant changes to the CMMC program and will allow waivers for the first time under CMMC 2.0. Bostjanick provided an update on what’s next at a cyber event last...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.