The Defense Department officially entered into an agreement with the nonprofit corporation that will serve as the accreditation body for its Cybersecurity Maturity Model Certification program, the chief information security officer for the department’s acquisition office confirmed.
“Yesterday the CMMC accreditation body made a public post that we have executed the [memorandum of understanding],” said Katie Arrington, who is spearheading the program and participated in a webcast on the issue Thursday.
A resolute Arrington sought to quash any idea that the government’s efforts to contain the coronavirus pandemic would delay the Defense Department’s plan to validate contractors’ cybersecurity claims using independent third-party auditors.
“We, all of us that are mission-essential, have been working on COVID-19, but,” she said, “although we are working diligently to ensure we are doing our best in the Department of Defense to save lives, work does continue and we are not slowing our roll at all.”
Arrington and other webinar participants noted the extensive impact the CMMC is expected to make across the federal government, its contractors and international partners.