1576 Sweet Home Rd, Buffalo, NY 14228

Cybersecurity Maturity Model Certification (CMMC)

On January 31, 2020 the Department of Defense (DOD) released the latest official version of the Cybersecurity Maturity Model Certification (CMMC). The CMMC is a cybersecurity model that requires all companies doing business with the DOD, approximately 300,000 vendors, to obtain certification by September 2020.

The CMMC is a verification mechanism, departing from the DOD practice of self-verification of cybersecurity requirements, and requires certified independent third party organizations to assess adherence and provide certification. The CMMC has the following five (5) levels of certification, with level five (5) being the most mature and secure environment:


CMMC Version 1.02

This is the latest official version of the CMMC, released by the Department of Defense Office of the Undersecretary of Defense for Acquisition and Sustainment:

PDF Download

Katie Arrington, special assistant to the Assistant Secretary of Defense for Acquisition for Cyber in the Office of the Under Secretary of Acquisition and Sustainment in DOD, director of the CMMC program, has advised that companies are already required to be compliant and self-certified with NIST 800-171. The majority of controls found in the final version of the CMMC are directly from the NIST 800-171.

Our CMMC Readiness solution will evaluate your compliance against the NIST 800-171.