We are a founding members of the DoD CMMC Accreditation Body (CMMC AB) Standards working group. Designing the CMMC assessment methodology for the oversight and assurance of NIST SP 800 – 171 and CMMC.
CMMC 2.0 is being implemented by the United States Department of Defense (US DoD) to protect the intellectual property it has invested in from cyber-attacks. The CMMC programme will impact the global Defence Industrial Base (DIB) and the many companies within it. DIB contractors that are currently required to assess and report their compliance to the NIST SP 800 – 171 cyber security framework, under DFARS 252.204-7012, 7019 and 7020 for the protection of Controlled Unclassified Information (CUI) before a DoD contract or subcontract can be awarded. Whilst the requirement for safeguarding Covered Defence Information (CDI) is not a new one (December 2017), CMMC 2.0 will add a requirement for DIB prime contractors and their subcontractors to be CMMC certified to an contractually agreed level, before they can undertake new, options or contract modifications.
This platform has been created to support users understand the requirements for NIST SP 800-171 and CMMC 2.0 compliance. Provide the appropriate guidance and support for organisations to comply with cybersecurity requirements outlined by the both NIST SP 800-171 and CMMC 2.0 and the broader deployment of cyber risk management solutions.