Strategic Direction for Cybersecurity Maturity Model Certification (CMMC) Program
The enhanced “CMMC 2.0” program maintains the program’s original goal of safeguarding sensitive information, while:
- Simplifying the CMMC standard and providing additional clarity on cybersecurity regulatory, policy, and contracting requirements;
- Focusing the most advanced cybersecurity standards and third-party assessment requirements on companies supporting the highest priority programs; and
- Increasing Department oversight of professional and ethical standards in the assessment ecosystem.