Quality Products to Help You Complete Your Mission.
We have the experience and know how to design and install all your equipment and service needs.
Thank you for visiting. Here, you’ll find valuable information about the Cybersecurity Maturity Model Certification (CMMC). If you have any questions or need further assistance, please connect directly with your contracting officer.
CMMC stands for Cybersecurity Maturity Model Certification
Implemented by the Department of Defense (DoD), CMMC is a certification program aimed at contractors that support DoD-related programs and is known to either include Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) as part of the contract engagement.
If your contract contains DFARS 252.204-7021, Cybersecurity Maturity Model Certification Requirements, as a clause, then yes. However, as of this writing, this DFARS has yet to make its first release in contracts. DFARS 252.204-7021 is scheduled to make its first appearance in a selected list of Defense contracts starting in the first half of 2025. The DoD has come out with a 4-phase rollout plan to initiate and fully implement CMMC over a span of 3 years. Please ensure you review your contract clauses to confirm the existence of this DFARS once the phased rollout officially begins.
Yes. FAR 52.204-21, Basic Safeguarding of Covered Contractor Information Systems, is an existing clause that outlines requirements for processing, storing, or transmitting FCI. While DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, is another existing clause that outlines safeguarding requirements for CUI. Make sure you review your contracts to know your company’s safeguarding expectations.
You can learn more about CMMC by going directly to the DoD Chief Information Officer (CIO) website. You can access the website by clicking HERE.