Inside Cybersecurity

December 4, 2022

Daily News

Defense industry group raises concerns over terminology for ‘managed service providers’ in CMMC assessment guide

By Sara Friedman / August 30, 2022

The National Defense Industrial Association is seeking clarity from the accreditation body behind the Pentagon’s cyber certification program on how managed service providers can be used to help companies reach compliance and address reciprocity.

The Cyber Accreditation Body released the first version of its CMMC assessment process guide, known “the CAP,” in July for public comment. The guide for the Cybersecurity Maturity Model Certification program is marked as “pre-decisional” because DOD’s work to finalize the rulemaking is still in progress....


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.