What is CMMC?
The Cybersecurity Maturity Model (CMMC) is a US initiative lead by the Office of the Assistant Secretary of Defense for Acquisition within the Department of Defence (DoD). It builds upon existing regulation (DFARS 252.204-7012) that requires DoD contractors and subcontractors to safeguard information within the US supply chain using a self-certification method. The new risk management framework (RMF) adds a verification component that requires the employment of third-party auditors to conduct the audit and certification process. The intent is to identify the required CMMC level in RFP sections L and M and use as a “go / no go decision” when selecting suppliers.
Trust Hogen’s CMMC solution provides excellent coverage of the practices specified within CMMC requirements for both audit requirements and improvement of cyber hygiene.