GTPAC has now updated its cybersecurity resource page to include guidance on CMMC.
CMMC stands for “Cybersecurity Maturity Model Certification.” CMMC, which was created by the U.S. Department of Defense (“DoD”), is a unified cybersecurity standard and framework that includes a comprehensive and scalable certification element to verify contractor implementation of required cybersecurity processes and practices.
CMMC is designed to provide assurance to DoD that defense contractors can adequately protect sensitive unclassified information. CMMC is important because if a DoD contract has a CMMC requirement, a contractor will need to obtain a CMMC certification at the required level to win and perform that contract (or subcontract). It is anticipated that eventually, most DoD contracts will require at least some level of CMMC certification.
So if you want to be a DoD contractor, it’s important to learn about CMMC. You can find more detailed information on CMMC and other cybersecurity standards, such as NIST 800-171, on our cybersecurity resource page.