CMMC accreditation body says provisional program details were posted 'inadvertently'

By Sara Friedman / May 11, 2020 at 3:30 PM

The accreditation group for the Pentagon's Cybersecurity Maturity Model Certification program says details released on its provisional program for auditors and assessors were published "inadvertently" on its website, and crafting the requirements and application details for the program is still in process.

On Saturday, the CMMC AB published on its website information on how the provisional program will work, including fees and an initial structure for the selection process for third party assessors. But the webpage on the provisional program, which was published by mistake, according to the group, has since been deleted from the CMMC AB website.

"We apologize for any inconvenience caused by the inadvertent posting," Mark Berman, communications committee chair of the CMMC AB, told Inside Cybersecurity. He said the information posted "should not be used to infer or draw any conclusions" about the "potential provisional program."

Berman said, "The final version of our programs will be the culmination of months of listening to stakeholders through events, surveys and working groups."

At an event last week, CMMC AB Chairman Ty Schieber said the accreditation body is in the final stages of "defining the ecosystem" and "identifying the individual certifications" for instructors, assessors and auditors. These definitions will provide clarity, Schieber said, on the "accrediting organizational types" for third-party assessment organizations, licensed partner publishers, and licensed training providers.

Schieber said the goal is to allow C3PAOS to start to register under CMMC AB in approximately three weeks. The CMMC AB will be providing more information on what the process will look like to get accredited and what the perquisites are at that time.

Berman confirmed that the process outlined by Schieber is still the planned schedule for when the CMMC AB will release program information to stakeholders.