Cybersecurity Maturity Model Certification (CMMC)
By: Dean Dorton | May 8, 2020

Dean Dorton's expert technology professionals are now assisting businesses with the CMMC readiness assessment. Saving businesses time, and ensuring that businesses are prepared for upcoming CMMC deadlines.
Cybersecurity | Technology
In an effort to focus on security and resiliency, the Department of Defense (DoD) is working with various industries to enhance the protection of the following types of unclassified information within the supply chain:
![Security lock [Converted]](https://deandorton.com/wp-content/uploads/2020/05/Security-lock-300x168.jpg)
Federal Contract Information (FCI)

Controlled Unclassified Information (CUI)
FCI is information provided by or generated for the Government under contract not intended for public release. CUI is information that requires safeguarding of dissemination controls pursuant to and consistent with laws, regulations, and government-wide policies.
DoD Approach
Contractors working with FCI or CUI will be required to be certified based on one or more of the five CMMC maturity levels. The levels are as follows:

At a minimum contractors will need to be Level 1 certified. If a contract requires a higher level of certification, the contractor is required to meet that level and all lower levels. The levels build on one another. The level requirement will be specified in Requests for Information (RFI) and Requests for Proposals (RFP) coming from the DoD later this year.
DoD Timeline
A CMMC timeline has been established with important milestones scheduled in mid to late 2020. These milestones were established prior to the COVID-19 pandemic and may be revised. For now, the guidance we have is:

Actions You Can Take Now
Until the CMMC Assessor requirements are released, it is not possible to receive a certification. However, due to the timeline contractors are likely not going to have sufficient time to be certified unless preparation begins now. Another important note is self-certification will not be allowed.
Dean Dorton’s IT Audit and Compliance team is working with DoD contractors to evaluate and remediate CMMC compliance so that these contractors are ready for the certification process. The compliance readiness assessments can and will be used to shorten the certification process needed later.
If you have any questions regarding how to prepare for CMMC requirements feel free to contact Kevin W. Cornwell at 502.566.1011 or kcornwell@ddaftech.com or Amy Justice at 859.425.7793 or ajustice@ddaftech.com.
Have a question? Click here to contact this representative.
Related Posts
-
How to Avoid the Dangers of Legacy Accounting Software
-
What is Data-Driven Decision Making for Finance Leaders?
-
How Private Higher Ed Can Track Key Metrics with Cloud Accounting Software
-
Dean Dorton announces reseller partnership with Cloudian
-
21st Century Cures Act: A guide to understanding for those without a PhD, …
-
Year-End Considerations for Law Firms