FedScoop: CMMC assessment requirements could be changing, potentially raising costs for some

“The cost of some Cybersecurity Maturity Model Certification assessments could soon increase as the Department of Defense considers introducing new requirements, four people familiar with the matter told FedScoop.

DOD and the CMMC Accreditation Body are working to finalize requirements that could mandate having more experienced — and expensive — assessors conduct the needed tests of contractor networks that transmit controlled unclassified information. In effect, it could raise the price for some assessments as the per-hour cost of provisional assessors is higher than the original plan…”

“While the proposed requirement is not finalized and would only apply to CMMC level three assessments for companies that handle the department’s controlled unclassified information, it is part of a growing list of ideas that the DOD CMMC Program Management Office is generating that several people familiar with the process worry will negatively impact the program’s cost and timely implementation…”

“Under the changes, for an assessment at level three, Certified Third Party Assessor Organizations (C3PAOs) would need to hire four full-time provisional assessors. It was previously understood that these authorized assessment companies would only need to hire one assessor and three ‘registered practitioners’ — entry-level assessors that do not meet the standards needed to become an assessor — to conduct a level three assessment.

To be eligible to be an assessor for level three assessments, an applicant needs at least four years of cyber or IT experience and to pass through on levels one and two first, according to the CMMC Accreditation Body’s website, which manages the ecosystem…” Read the full article here.

Source: CMMC assessment requirements could be changing, potentially raising costs for some – By Jackson Barnett, July 12, 2021. FedScoop.

0
Tags:

This topic contains 2 replies, has 3 voices, and was last updated by  Cynthia Kline 2 months ago.

  • Author
    Posts
  • #132056

    Replies viewable by members only

    0
  • #132100
     Anonymous
    • Anonymous

    Replies viewable by members only

    0
  • #132537
     Cynthia Kline
    • President, Owner, IT Consultant
    • Analytical Solutions by Kline, LLC

    Replies viewable by members only

    0

You must be logged in to reply to this topic.

CONTACT US

Questions?. Send us an email and we'll get back to you, asap.

Sending

©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541512, 
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at Vault@G2Xchange.com and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?