As cyber criminals develop ever more sophisticated methods to steal sensitive information and intellectual property, significant new measures are evolving to protect the federal government supply chain, including the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) Framework. The shift to CMMC marks a clear evolution toward a “trust, but verify” model for cybersecurity compliance within the DoD supply chain.
If you are a prime contractor or subcontractor that plans to do business with the DoD in the future, CMMC applies to you. For organizations new to this cybersecurity framework, Are You Ready for CMMC? Getting on the Right Track with the New DOD Cybersecurity Framework, coauthored by AuditBoard and RSM US LLP provides an introduction to CMMC, including:
- Whether CMMC applies to your organization, implementation requirements and costs, as well as compliance deadlines.
- The three different CMMC maturity levels, and which level your organization should be targeting.
- How CMMC maps to NIST 800-171 and NIST 800-172, if your organization has already achieved alignment with the NIST standard.
- A CMMC Preparation Checklist to help you get started.