Federal News Network: DOD initiates CMMC review — big deal or perfunctory?

“When the Defense Department confirmed that Deputy Secretary Kathleen Hicks decided to review the Cybersecurity Maturity Model Certification (CMMC) program, initial reactions were mixed…”

“A DoD spokeswoman offered little insight into the review and what its goals are.

‘In light of increasingly frequent and complex cyber intrusion efforts by adversaries and non-state actors, the department remains deeply committed to the security and integrity of the defense industrial base. As is done in the early stages of many programs, the DoD is reviewing the current approach to CMMC to ensure that it is achieving stated goals as effectively as possible while not creating barriers to participation in the DoD acquisition process,’ said Jessica Maxwell, the DoD spokeswoman in an email. ‘As this internal assessment is ongoing, we are not able to provide further detail.  This assessment will be used to identify potential improvements to the implementation of the program’…”

“On top of this review, DoD is in the middle of delivering reports to Congress and working with the Government Accountability Office on CMMC reports and analyses. The 2021 Defense Authorization Act required the DoD chief information officer to assess each department component against the CMMC framework and report findings to congressional defense committees by March 1. Lawmakers want details on how each component ‘will implement relevant security measure to achieve a desired CMMC [level] or other appropriate capability and performance threshold.’

Congress also asked the Government Accountability Office to independently assess and brief Congress within six months of the CIO report’s issuance.

The NDAA also requires DoD to withhold 60% of its CMMC appropriated funding until its Office of Acquisition and Sustainment (A&S) submits a plan to Congress detailing timelines for pilot activities, the relationship with auditing or accrediting bodies, planned funding and involvement of the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) and its plans to train acquisition staff to implement CMMC…” Read the full article here.

Source: DoD initiates CMMC review — big deal or perfunctory? – By Jason Miller, April 5, 2021. Federal News Network.


This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 week, 3 days ago.

  • Author
  • #123689

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at Vault@G2Xchange.com and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?