Popular Voices

CMMC Accreditation Body Still in Selection Process for C3PAOs

CMMC Accreditation Body Still in Selection Process for C3PAOs

The Cybersecurity Maturity Model Certification Accreditation Body has confirmed in an online meeting it has yet to select certified third-party assessment organizations for the CMMC initiative.

James Goepel, chairman of the accreditation body’s Finance Committee, described the selection of C3PAOs as a work in progress. Goepel urged aspiring C3PAOs to abide by the compliance rules defined in the National Institute of Standards and Technology Special Publication 800-171, which he considers as an integral foundation for the CMMC, MeriTalk reported Monday.

Board member John Weiler supported Goepel’s advice, noting that NIST 800-171 is a subset of CMMC. Weiler ruled out self-assessments and said the CMMC will adopt a no-trust, must verify approach.

Another board member, Mark Berman, said the group will conduct a follow-up webinar since the meeting was disrupted by technical difficulties.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.
Posted on by Adrian Rosenberg

Category: Popular Voices

Related Articles

Deputy Defense Secretary Nominee Vows to Further DOD’s Use of AI

Deputy Defense Secretary Nominee Vows to Further DOD’s Use of AI

February 03, 2021

Current AI Systems Not Trustworthy Enough, Marine Commandant Says

Current AI Systems Not Trustworthy Enough, Marine Commandant Says

February 03, 2021

Navy Establishes DevSecOps Platform to Ensure Secure Software Development

Navy Establishes DevSecOps Platform to Ensure Secure Software Development

February 01, 2021