Georgia Tech Procurement Assistance Center

  • Home
  • About Us
  • Training
    • Class Registration
    • On-demand Training
    • GTPAC COVID-19 Resource Page
    • Cybersecurity Video
    • Veterans Verification Video
    • GTPAC Community
    • Other Training Audio & Video
  • Useful Links
  • Team Directory
    • Albany Counselor
    • Athens Counselor
    • Atlanta Counselors
    • Augusta Counselor
    • Carrollton Counselor
    • Columbus Counselor
    • Gainesville Counselor
    • Savannah Counselor
    • Warner Robins Counselor
  • Directions
    • Athens
    • Atlanta – Training Facility
    • Atlanta – Office
    • Albany
    • Augusta
    • Carrollton
    • Columbus
    • Gainesville
    • Savannah
    • Warner Robins
  • COVID-19
  • New Client Application
  • Contact Us

DoD releases version 0.7 of its Cybersecurity Maturity Model Certification

January 10, 2020 By Andrew Smith

On December 13, the Department of Defense (“DoD”) released the latest version of its Cybersecurity Maturity Model Certification (“CMMC”).  This is the third iteration of the draft model that DoD has publicly released since it issued the first draft in October.  (We previously discussed Version 0.4 and Version 0.6 of the CMMC in prior blog posts.)

DoD describes the CMMC as “a DoD certification process that measures a DIB sector company’s ability to protect FCI [Federal Contract Information] and CUI [Controlled Unclassified Information].”  DoD has stated publicly that it intends to begin incorporating certification requirements into solicitations starting in Fall 2020, with compliance audits beginning in late 2020 or early 2021.  Depending the sensitivity of the information that contractors will receive in the course of performing work for DoD, they will be expected to demonstrate compliance through third party audits with the requirements set forth under one of five certification levels.  This applies even where contractors will not be handling FCI or CUI in the course of performing their contracts.

The two most significant updates to the model in this version of the draft are (i) the addition of “Practices” for obtaining Level 4 and 5 certifications, and (ii) an expansion of “clarifications” section, which now covers the requirements of Levels 2 and 3 of the model, in addition to Level 1.  These changes and others are discussed in more detail later in this article.  Given the expected release in late January 2020, it is likely that the requirements in this draft will closely resemble those that will be set forth in Version 1.0 of the CMMC framework, which is anticipated to serve as the basis for the first contractor audits.

Continue reading at:  Inside Government Contracts

Filed Under: Contracting News Tagged With: CMMC, cybersecurity, Cybersecurity Maturity Model Certification

Recent Posts

  • DoD publishes long awaited interim rule on CMMC
  • GSA Region 4 OSDBU hosting small business webinar
  • GTPAC launches COVID-19 resource page
  • GDEcD seeks GA Manufacturers and Distributors that can help with critical health care supply needs related to COVID-19
  • Georgia DOAS to hold 4th Annual Georgia Procurement Conference April 21-23, 2020

Popular Topics

8(a) abuse Army bid protest budget budget cuts certification construction contract awards contracting opportunities cybersecurity DoD DOJ False Claims Act FAR federal contracting federal contracts fraud GAO Georgia Tech government contracting government contract training government trends GSA GSA Schedule GTPAC HUBZone innovation IT Justice Dept. marketing NDAA OMB SBA SDVOSB set-aside small business small business goals spending subcontracting technology VA veteran owned business VOSB wosb

Contracting News

DoD publishes long awaited interim rule on CMMC

Small business subcontracting for cloud computing gets easier

Long awaited changes to WOSB/EDWOSB regulations expected this summer

The CMMC has arrived: DoD publishes version 1.0 of its new cybersecurity framework

GSA keeping ‘on track’ with schedule consolidation

Read More

Contracting Tips

A guide to labor and employment obligations for federal contractors

Who pays for CMMC certification?

Other transaction agreements: Where does an unsuccessful bidder go?

Knowledge is power, if you know how to use it

EAJA provides relief to construction contractor for government’s bad actions

Read More

GTPAC News

GSA Region 4 OSDBU hosting small business webinar

GTPAC launches COVID-19 resource page

GDEcD seeks GA Manufacturers and Distributors that can help with critical health care supply needs related to COVID-19

Georgia DOAS to hold 4th Annual Georgia Procurement Conference April 21-23, 2020

MICC Fort Stewart hosting acquisition forecast open house on Thursday, Feb. 6, 2020

Read More

Georgia Tech News

Dr. Abdallah testifies on U.S. competitiveness, research, STEM pipeline at Congressional hearing

Georgia Tech’s Technology Square Phase III to include George Tower

Student surprises his teacher with Georgia Tech acceptance news

Georgia Tech Applied Research will support DHS information safeguarding effort

$25 million project will advance DNA-based archival data storage

Read More

  • SAM.gov registration is free, and help with SAM is free, too
APTAC RSS Twitter GTPAC - 30th Year of Service

Copyright © 2021 · Georgia Tech - Enterprise Innovation Institute