Inside Cybersecurity

December 1, 2021

Daily News

Defense contracting agency pauses audits for CMMC assessment organizations to address program changes

By Sara Friedman / November 23, 2021

Cyber certification audits for certified third party assessments organizations are currently on hold at the Pentagon while the Defense Department works through changes to its Cybersecurity Maturity Model Certification program, according to a DOD official.

The Defense Contract Management Agency started conducting level three assessments for C3PAOs in early 2021, and five C3PAOs are currently listed as “authorized” on the CMMC Accreditation Body’s marketplace. The C3PAO audits are conducted by the Defense Industrial Base Cybersecurity Assessment Center.

DIBCAC “assessments under...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.