Commentary: CMMC - Tips for Bidding on Government Contracts

Source: nationaldefensemagazine.org

The Defense Department released on Sept. 29 its highly anticipated interim rule, which amends the Defense Federal Acquisition Regulation Supplement by including three new clauses that implement a mandatory DoD Assessment Methodology and adherence to the Cybersecurity Maturity Model Certification (CMMC) program.

The purpose of the new rule is to give teeth to DFARS 252.204-7012 “Safeguarding Covered Defense Information and Cyber Incident Reporting,” which requires that contractors protect certain controlled unclassified information. The interim rule was to take effect Nov. 30 and is likely to be issued as a final rule with some tweaks based on comments submitted and experience with it in practice.

Click Here to read the full article.