The Cybersecurity Maturity Model Certification (CMMC) Program was created and is managed by the Department of Defense (DoD). This standard was developed with a focus on enhancing the protection of Controlled Unclassified Information (CUI) within the supply chain.

The CMMC combines several cybersecurity standards (NIST SP 800-171) and best practices and maps these controls across organizational maturity levels ranging from basic cyber hygiene to advanced cyber threats. This regulation builds on the existing regulations known as DFARS 252.204-7012 from 2016.

The CMMC framework is made up of 17 domains:

  1. Access Control
  2. Asset Management
  3. Awareness and Training
  4. Audit and Accountability
  5. Configuration Management
  6. Identification and Authentication
  7. Incident Response
  8. Maintenance
  9. Media Protection
  10. Physical Protection
  11. Personnel Security
  12. Recovery
  13. Risk Assessment
  14. Security Assessment
  15. Situational Awareness
  16. System and Communications Protection
  17. System and Information Integrity

 

How We Can Help

Our qualified experts understand the impact regulatory requirements have on your data collection, transmission, and handling procedures. CompliancePoint brings years of experience to your organization regarding these issues.

Failure to comply with relevant requirements can have a devastating impact on your organization. Don't take chances – let our experts help! CompliancePoint has a variety of services that you can leverage to meet your privacy, security and compliance needs.

Failure to comply with relevant requirements can have a devastating impact on your organization. Don't take chances, let our experts help.

More than 10 Billion records audited

10 Billion+

Records Audited

Over 150 cases as an expert witness

150+

Cases as an
Expert Witness

More than 2500 companies assessed

2,500+

Companies Assessed