The DoD has built upon existing DFARS 252.204-7012 regulation and developed the CMMC as a “verification component” with respect to cybersecurity requirements. The DoD has entrusted DoD contractors to achieve compliance, and with continued pressure to ensure 100% adoption of cybersecurity controls, the DoD is updating its policies. CMMC Marketplace is a resourceful destination connecting Government Contractors to qualified CMMC service providers. CMMC DoD is the next stage in the Department of Defense’s (DoD) efforts to properly secure the Defense Industrial Base (DIB). In the simplest of terms, the DoD announced that it is creating a cybersecurity assessment model and certification program.
CMMC stands for “Cybersecurity Maturity Model Certification”. The CMMC will encompass multiple maturity levels that ranges from “Basic Cybersecurity Hygiene” to “Advanced”. The intent is to identify the required CMMC level in RFP sections L and M and use as a “go / no go decision.”
The Department of Defense is drafting a new standard called the Cybersecurity Maturity Model Certification. This standard will replace NIST 800-171 on DoD RFIs and RFPs beginning in mid-20201. The CMMC contains five levels, ranging from basic hygiene to state-of-the-art. Unlike NIST 800-171, the CMMC will not contain a self-attestation component. Every organization that does business with the Department of Defense will be required to undergo an audit this is where CMMC Marketplace comes in as they provide authorized auditing entity CMMC auditor before bidding on a contract or subcontracting to a prime.
CMMC compliance for DFARS 252.204-7012 will accept a System Security Plan (SSP) and Plan of Action and Milestones (POA&M) as compliance. Contractors will be evaluated based upon the implementation of actual technical controls in addition to their documentation and policies. These evaluations will lead to a level certification of 1 to 5, 5 being the most secure. The higher your company certifies the more contracts you will be eligible to bid on.
CMMC certification the Cybersecurity Maturity Model Certification (CMMC) will be a new requirement for existing DoD contractors, replacing the self-attestation model and moving towards third party certification.
CMMC Marketplace is provided by Veterans for American Business Development (VABD), a 501(c)(3), in adherence with US International Traffic in Arms Regulations (ITAR) regulations, Federal Risk and Authorization Management Program (FedRAMP) requirements, and Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) Levels 2 and 4.
About CMMC Marketplace:
CMMC Marketplace connects government contractors those are looking to achieve cybersecurity maturity model certification (CMMC) compliance with qualified CMMC service providers.
For more information about CMMC Marketplace visit our website https://www.cmmcmarketplace.com