Who Needs to Comply with CMMC?

CMMC is required of any individual in the DOD supply chain, including contractors who interact exclusively with the Department of Defense and any and all subcontractors.

According to the DOD, the CMMC requirements will affect over 300,000 organizations. Fortunately, most businesses require only a Level 1 to Level 3 certification. The CMMC Accreditation Body (CMMC-AB) establishes a process to qualify private third-party assessment organizations (C3PAO) and assessors to determine CMMC levels.

The precise level of certification a business needs to be granted a federal contract will be defined in the RFP.

Resources:

1. What Is CMMC?
2. What are CMMC Requirements?
3. Who needs to comply with CMMC?
4. What is CMMC Certification?
5. What is CMMC Compliance?
6. How do I map NIST to CMMC?