<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

Current CMMC Levels to Look Out For

down-arrow

The Cybersecurity Maturity Model Certification (CMMC) framework is the upcoming revamp of the Department of Defense (DoD) cyber security requirements to secure the defense industrial base (DIB) and supply chain. The certification levels, tiers, will range from basic to advanced in a greater effort to secure and protect controlled unclassified information (CUI) from cyber threats, similar to NIST SP 800-171. All members of the DIB and DoD contractors, ranging from small businesses to prime contractors, must meet the required CMMC level to maintain existing contracts and win new ones.

What Are The Current CMMC Levels?

To clarify the Cybersecurity Maturity Model Certification (CMMC)'s milestones, we've written up a high-level outline of essential dates from the release of V1 in January 2020 and probable deadlines you should consider when implementing and complying with CMMC.

Disclaimer: Please note this information may change in accordance with the CMMC Accreditation Board (CMMC AB) CMMC decision-making and information-sharing process.

Q1 2020 - Version 1.0 of the Cybersecurity Maturity Model Certification description was published to the public on January 31, 2020.

Soon after CMMC V.1.0 was released, the independent CMMC Accreditation Board (CMMC AB) started coordinating assessor training and accreditation plans in partnership with CMMC stakeholders to release training for CMMC Levels 1, 2, and 3 security controls by the end of Q1 2020 (March 31, 2020).

Q2 2020 - During June 2020, the first set of RFIs reflecting CMMC will be released in time for the CMMC AB to train independent CMMC Level 1, 2, and 3 auditors.

CMMC Levels After 2020 and Beyond?

  • Vendors and suppliers should expect significant training, assessment, and audit activity in the third quarter.
  • CMMC Levels 4 and 5 certification training will begin in September 2020.
  • According to Pentagon Acquisition Chief Ellen Lord - Starting in Q4 2020, ALL contracts need to include the appropriate CMMC certification in their award criteria.
    • To phase in CMMC changes and related contracts, the DoD intends to limit the CMMC requirement to just 10 RFIs and RFPs in 2020. The remaining new contract requirements will roll out in 2021 with the goal being - ALL new DoD contracts beginning in FY 2026 will meet the CMMC requirement.

According to Arrington, the DoD expects CMMC third-party assessors to certify about 1,500 vendors in 2021, 7,500 more in 2022, and 25,000 more by 2023.

Your CMMC Compliance Needs

CyberSaint is here to support every step of your CMMC readiness journey in many ways, like keeping you updated on the latest CMMC news and providing CMMC readiness assessments and or training. See why leading compliance teams are choosing CyberStrong to prepare for CMMC

 

We're here to support every step of your CMMC readiness journey in many ways, like keeping you updated on the latest CMMC news and providing free CMMC readiness assessments and/or training - which you can arrange by reaching out to us with this link.

You may also like

Leveraging Cyber Risk Dashboard ...
on March 20, 2023

Cybersecurity risks have a far-reaching impact. As we’ve come to know, the effect of cyber has grown far beyond information systems and can render a company obsolete. The data and ...

Private Equity Firms are Embracing ...
on March 15, 2023

Private Equity firms pride themselves on implementing best practices in every functional area within their portfolio companies. Cyber Risk Management is emerging as a core ...

How to Use Cyber Risk Analysis to ...
on February 28, 2023

Cyber risk management has become more challenging to manage and monitor as the cybersecurity landscape has developed and digitized. Numerous endpoints, regulatory changes, cloud ...

The Top 10 Cybersecurity Dashboard ...
on February 23, 2023

As cybersecurity continues to become a more significant focus for organizations, other C-suite leaders must get up to speed on cyber risks and their impact on the organization's ...

Leveraging CISO Dashboard Metrics ...
on February 21, 2023

As a Chief Information Security Officer (CISO), it is essential to clearly understand your organization’s cybersecurity posture and how to improve it continuously. One way to do ...

The Importance of Monitoring Cyber ...
on February 14, 2023

Cybersecurity has become a critical concern for businesses and organizations in today’s digital age. With the increasing number of cyber threats and attacks, monitoring ...