Training - Innovation & Growth
CMMC Mandate Compliance Requirements for DOD Contractors – Time is Running Out
CMMC Mandate Compliance Requirements for DOD Contractors – Time is Running Out
• Clients engaged in, or who wish to pursue award of, DOD Contracts, involving possession of Controlled Unclassified Information (CUI), are currently required to meet NIST 800-171/ DFARS 7012.
• The CMMC (Cybersecurity Maturity Model Certification) Program provides the Department of Defense the mechanism needed to verify that a defense contractor or subcontractor has implemented the specified security requirements and is maintaining that status across the contract period of performance, as required.
• CMMC Final Rule is on track to be published and go into effect, with Audits Set to Begin in Calendar Q1, 2025
• Typical Remediation for a Manufacturer of 30 to 100 employees, from Assessment through full implementation and documentation of all 110 Level 2 Controls (to which most DOD Manufacturers must comply to be Audit Ready) takes 12 Months on Average!
• ALL DOD Contractors and Subcontractors need to be registered in, and have a score entered into, the Supplier Performance Risk System (SPRS), and have a documented Plan Of Actions & Milestones to meet compliance in place before Q1 2025 to remain in the DOD Supply Chain.
Please join us for an informative webinar hosted by NJMEP which will dive into the CMMC Mandate and the provide an insightful plan on how to achieve compliance by the required timeframe.