The Contracting Education Academy

Contracting Academy Logo
  • Home
  • Training & Education
  • Services
  • Contact Us
You are here: Home / Government Contracting News / DoD’s interim rule adds a new twist to implementing cyber maturity model

October 23, 2020 By cs

DoD’s interim rule adds a new twist to implementing cyber maturity model

The Defense Department released one of the last major pieces to complete the Cybersecurity Maturity Model Certification (CMMC) program puzzle.

The Pentagon issued an interim rule under the Defense Federal Acquisition Regulations on Sept. 29 to add more clarity around the implementation timeline and around the requirements contractors will have to adhere to over the next five years.

One surprise among observers is the new requirements for vendors working at medium or high security levels to undergo an assessment by the government of how they comply with the standards outlined in Special Publication 800-171 from the National Institute of Standards and Technology.

“The assessment uses a standard scoring methodology, which reflects the net effect of NIST SP 800-171 security requirements not yet implemented by a contractor, and three assessment levels (basic, medium and high), which reflect the depth of the assessment performed and the associated level of confidence in the score resulting from the assessment,” the interim rule stated. “A basic assessment is a self-assessment completed by the contractor, while medium or high assessments are completed by the government. The assessments are completed for each covered contractor information system that is relevant to the offer, contract, task order, or delivery order.”

Keep reading this article at: https://federalnewsnetwork.com/defense-industry/2020/09/dods-interim-rule-adds-a-new-twist-to-implementing-cyber-maturity-model/

Filed Under: Government Contracting News Tagged With: CMMC, CMMC accreditation, CMMC Accreditation Body, cybersecurity, Cybersecurity Maturity Model Certification, DFARS, DoD, FAR, federal regulations, NIST, SP 800-171

Popular Topics

abuse acquisition reform acquisition strategy acquisition training acquisition workforce Air Force Army AT&L bid protest budget budget cuts competition cybersecurity DAU DFARS DHS DoD DOJ FAR fraud GAO Georgia Tech GSA GSA Schedule GSA Schedules IG industrial base information technology innovation IT Justice Dept. Navy NDAA OFPP OMB OTA Pentagon procurement reform protest SBA sequestration small business spending technology VA
Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter

Search this Website

Copyright © 2023 · Georgia Tech - Enterprise Innovation Institute