Defense industry group asks Pentagon for details on CMMC pilot activities, guardrails around assessments

The National Defense Industrial Association is asking the Defense Department and the accreditation body behind its Cybersecurity Maturity Model Certification program for additional guidance on issues ranging from the assessment process to costs for certification.

In a letter to DOD and the CMMC Accreditation Body, NDIA lists questions in nine areas that are of concern to its members on the implementation of the CMMC program.

“We appreciate DOD’s prior engagement with industry to enrich and refine the model’s specifications, and...