What is CMMC Compliance?

The Cybersecurity Maturity Model Certification (CMMC) Program was created and is managed by the Department of Defense (DoD). This standard was developed with a focus on enhancing the protection of Controlled Unclassified Information (CUI) within the supply chain.

The CMMC combines several cybersecurity standards (NIST SP 800-171) and best practices and maps these controls across organizational maturity levels ranging from basic cyber hygiene to advanced cyber threats. This regulation builds on the existing regulations known as DFARS 252.204-7012 from 2016.

The CMMC framework is made up of 17 domains:

1. Access Control
2. Asset Management
3. Awareness and Training
4. Audit and Accountability
5. Configuration Management
6. Identification and Authentication
7. Incident Response
8. Maintenance
9. Media Protection
10. Physical Protection
11. Personnel Security
12. Recovery
13. Risk Assessment
14. Security Assessment
15. Situational Awareness
16. System and Communications Protection
17. System and Information Integrity

How We Can Help

Our qualified experts understand the impact regulatory requirements have on your data collection, transmission, and handling procedures. CompliancePoint brings years of experience to your organization regarding these issues.

Failure to comply with relevant requirements can have a devastating impact on your organization. Don't take chances – let our experts help! CompliancePoint has a variety of services that you can leverage to meet your privacy, security and compliance needs.