What is CMMC?
CMMC stands for “Cybersecurity Maturity Model Certification”.
The various maturity levels range from “Basic Cybersecurity Hygiene” Level 1 to “Advanced/Progressive” Level 5.
Background
Previouse cybersecurity standards were self-certified.
Under CMMC, a certified third-party assessment organization (C3PAO) is required for certification.
The CMMC Accreditation Body (CMMC-AB), defines the assessment and administration needed for certification.
Who Needs CMMC?
Anyone in the Department of Defense Supply Chain will eventually need CMMC certification.
Most companies will require a certification between Level 1 and Level 3 to qualify for government defense contracts.
Why do you need CMMC?
The goal is to ensure basic cyber hygiene and protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
When will I need CMMC?
Some contracts will require CMMC certification beginning in 2021.
By the fiscal year 2026, ALL new defense contracts will contain CMMC certification requirements.
Rapier Solutions, Inc.
Rapier is in the process of positioning itself to become Registered Provider Organization and/or Certified Third Party Assesor. We currently have two CMMC-AB Registered Practioners on staff.
