What does CMMC Compliance Entail? - Cybersecurity Maturity Model Certification (CMMC2.0)

The Cybersecurity Maturity Model Certification (CMMC) Program was created and is managed by the Department of Defense (DoD). This standard was developed with a focus on enhancing the protection of Controlled Unclassified Information (CUI) within the supply chain.

The CMMC combines several cybersecurity standards (NIST SP 800-171) and best practices and maps these controls across organizational maturity levels ranging from basic cyber hygiene to advanced cyber threats. This regulation builds on the existing regulations known as DFARS 252.204-7012 from 2016.

The CMMC 2.0 Framework assesses 14 domains:

  • Access control (AC)

  • Awareness/training (AT)

  • Audit and accountability (AU)

  • Configuration management (CM)

  • Identification and authentication (IA)

  • Incident response (IR)

  • Maintenance (MA)

  • Media protection (MP

  • Personnel security (PS

  • Physical protection (PE)

  • Risk assessment (RA)

  • Security assessment (CA)

  • System communications protection (SC)

  • System information integrity (SI)

How THarWi Can Help

Our specialized cybersecurity experts understand the impact regulatory requirements have on your data collection, transmission, and handling procedures. THarWi brings years of government experience to your organization regarding these issues.

Failure to comply with relevant requirements can have a devastating impact on your organization. Don't take chances – let our consultants help! THarWi has a variety of services that you can leverage to meet your privacy, security, and compliance requirements.