Glossary term

CMMC

Cybersecurity Maturity Model Certification — DoD's tiered cybersecurity verification program for the defense industrial base.

CMMC (Cybersecurity Maturity Model Certification) is the Department of Defense's program to verify that defense contractors protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). CMMC 2.0 has three levels: Level 1 (Foundational, self-assessment), Level 2 (Advanced, aligned with NIST SP 800-171, third-party assessment for critical programs), and Level 3 (Expert, DIBCAC-led). CMMC becomes a contract requirement as clauses roll out through DFARS 252.204-7021.

Related terms

DFARS
Defense Federal Acquisition Regulation Supplement — DoD-specific additions to the FAR.

Primary sources

https://dodcio.defense.gov/CMMC/

We respect your privacy.

Fedprocai uses functional cookies to keep you signed in. With your consent we also use analytics cookies to understand how the product is used and improve it. You can change this any time. Read our privacy policy.

Categories

Related terms

Primary sources