CMMC Compliance Checklist: 4 Things Not To Overlook

CMMC Compliance Checklist: 4 Things Not To Overlook

The Cybersecurity Maturity Model Certification (CMMC) replaces the current DFARS 252.204-7012 clause that defense contractors currently have to when entering into a contract with the Department of Defense. Based on the NIST SP 800-171 framework, albeit with the addition of various other processes and practices, CMMC compliance spans five levels, with the third one being the minimum requirement ...

Building a CMMC Compliance Checklist for Level 3 Certification

Building a CMMC Compliance Checklist for Level 3 Certification

Most organizations wanting to contract or subcontract with the Department of Defense should aim for CMMC level 3. This is the minimum required level for handling controlled unclassified information (CUI), and compliance will be fully enforced from October 2025.

How Can a Gap Assessment Prepare You for CMMC Compliance?

How Can a Gap Assessment Prepare You for CMMC Compliance?

It may be tempting to put off your journey towards CMMC compliance, given that the regulation is not due to be fully implemented until October 1, 2025, but this would be a mistake. Earning a CMMC certification is no trivial task, especially if you are aiming for higher compliance levels. Starting now will give you plenty of time to get your information security strategy and systems up to scratch.

C3PAO: 5 Key Things to Know About Third-Party CMMC Auditors

C3PAO: 5 Key Things to Know About Third-Party CMMC Auditors

The Cybersecurity Maturity Model Certification (CMMC) was introduced to establish consistent cybersecurity standards throughout the Defense Industrial Base (DIB). Every organization in the DIB must achieve a minimum level of security maturity before they can win contracts. The framework specifies five levels, with the highest typically opening the door to the most lucrative contracts. You can ...