The Cybersecurity Maturity Model Certification is being developed by the Office of the Under Secretary of Defense for Acquisition & Sustainment to be used by the Department of Defense contractors.
As stated on their website, “The Department of Defense is planning to migrate to the new CMMC framework in order to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). The CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to ensure basic cyber hygiene as well as protect controlled unclassified information (CUI) that resides on the Department’s industry partners’ networks.”
What are CMMC Objectives?
Specifics on CMMC Compliance
On January 31st, the Office of the Under Secretary of Defense for Acquisition & Sustainment published CMMC 1.0 which discusses maturity scoring based on processes and practices regarding cyber. It looks at how mature an organization is for both processes and what level they are implemented/practices in place.
There are 5 levels of certification. A company must document and prove their compliance at one level before advancing to the next. For specific details on each section, see their latest publication.
What Does CMMC Mean to DoD Contractors and Subcontractors?
If you do business with the DoD, you want to get ready for a CMMC audit now. Per the Office of the Under Secretary of Defense for Acquisition & Sustainment, “All companies conducting business with the DoD must be certified. The level of certification required will depend upon the amount of CUI a company handles or processes.”
We Help you Get CMMC Compliant Fast
CyberCompass software can help DOD contractors and subcontractors understand their CMMC maturity level and get you audit-ready. Years of experience with NIST 171 standards gives us the know how to make your transition to CMMC compliance go quickly and smoothly.
It is cloud-based, so it can be accessed anywhere with no software download. You don’t have to be a privacy or cybersecurity expert to use CyberCompass.
- Answer one set of simple yes/no questions that meets CMMC regulations
- Flexibility to start and stop – CyberCompass saves your progress
- Compliance gap report to gain visibility into your non-compliance and top priorities
- Built in step-by-step guide to fix issues and get compliant quickly
- CyberCompass online vault to save your “body of evidence” in one place
- Manage your third party/vendor compliance to track their compliance. Use our pre-built agreement templates to make record keeping easier
- Monitor your compliance for 12 months with dashboards and reporting
- Utilize our built-in employees cyber awareness training which is required by CMMC
- CyberCompass® allows to you schedule and track employee competency
Want to know where your vulnerabilities are? Take our FREE Cyber Quick Check survey.
In 2 minutes you get an overview of where your biggest threats are.