DoD Aims to Have CMMC Auditors Ready by April
Katie Arrington, chief information security officer for the Office of the Under Secretary of Defense for Acquisition and a 2020 Wash100 winner, has said that the Pentagon is working to have its first class of Cybersecurity Maturity Model Certification auditors ready by April.
Speaking at a March 5 event, Arrington said Certified Third-Party Assessment Organizations will evaluate contractors’ cybersecurity based on CMMC guidelines. The accreditation board is working on training the auditors and the accompanying training materials, Fifth Domain reported Monday.
The official noted that companies should be getting ready for the certification. She added that the CMMC framework has received interest outside the Department of Defense, with nearly a dozen nations and international organizations expressing interest in adopting the framework.
CMMC is a tiered cybersecurity framework that grades companies on their cyber hygiene. The DoD plans to implement the CMMC requirements in all new contracts beginning in 2025.
Category: Popular Voices
Tags: C3PAO Certified Third-Party Assessment Organizations CMMC cybersecurity Cybersecurity Maturity Model Certification Department of Defense Fifth Domain Katie Arrington pathfinder Popular Voices