CMMC accreditation body outlines plan to address Pentagon IG report on authorizing third-party assessment organizations

The accreditation body behind the Pentagon’s Cybersecurity Maturity Model Certification program is in the process of responding to findings from a Defense Department inspector general report on efforts to authorize certified third-party assessment organizations, according to Cyber AB CEO Matthew Travis.

Travis said the IG audit released on Jan. 10 looked into the authorization process before the CMMC program actually started. A final rule to implement CMMC 2.0 went into effect on Dec. 16 and C3PAOs who were...