Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.


Final Rule Authorizing CMMC Req’s for DoD Contracts Takes Effect; Katie Arrington Quoted

1 min read
Katie Arrington
Katie Arrington DoD

A rule finalizing the Department of Defense’s (DoD) implementation of Cybersecurity Maturity Model Certification (CMMC) requirements in DoD contracts has taken effect following delays due to the COVID-19 pandemic, FedScoop reported Tuesday. The DoD first published the CMMC requirements in early 2020.

The Defense Federal Acquisition Regulation Supplement (DFARS) rule change finalizes the requirement for contractors to pass CMMC assessments based on five levels of cyber maturity. Information on contractor assessments will be housed in the Enterprise Mission Assurance Support Services database, according to DoD officials.

Katie Arrington, chief information security officer of defense for acquisition and sustainment and a 2020 Wash100 Award recipient, said at an AFCEA event that the Pentagon plans to issue a press release on contracts that will initially require CMMC certification.

The Pentagon plans to enact a five-year rollout plan for the CMMC effort to help contractors prepare for assessments and secure certification, according to the report.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Cybersecurity