CMMC: Cybersecurity Maturity Model Certification
Access resources to support your journey to CMMC compliance
What is CMMC?
The Cybersecurity Maturity Model Certification (CMMC) is an assessment program created to verify compliance with safeguarding controlled unclassified information across the Defense Industrial Base (DIB) by addressing the gaps in prior regulatory requirements. The Department of Defense (DoD) found that private sector organizations doing business with the federal government were not satisfying the requirements specified in Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012. The requirements included the implementation of the National Institute of Standards and Technology (NIST) SP 800-171 for systems processing Covered Defense Information but did not include official certification or compliance reporting mechanisms. This resulted in organizations not fully implementing controls to a consistent maturity level, ultimately putting the government supply chain at risk.
For government contractors fulfilling Department of Defense (DoD) contracts, complying with the Cybersecurity Maturity Model Certification (CMMC) requirements is crucial. Contractors handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) will need to meet Maturity Levels 1, 2 or 3.
To work with the most critical defense programs, organizations will need to meet Maturity Level 3. Contract requirements will specify Maturity Level requirements, which will flow down only to subcontractors working with controlled unclassified information. Therefore, it's important to identify the type of data being stored.
CMMC Resources
CMMC Government Contracting Guide
Top Cybersecurity Regulations You Should Know
Gaining CMMC Compliance and Audit Support with Deltek
“CMMC isn’t only important to us but also Deltek, and you can see this by the investments they have made in cybersecurity and compliance.”
Applied Insight
CMMC Compliance Through Deltek ERP
Deltek is dedicated to protecting your data by ensuring our capabilities meet the constantly changing security landscape. We are continuously adjusting our suite of products and services to support your cyber posture by increasing our investment in security, compliance, and supporting technologies for our customers – easing and scaling the management of systems for your teams.
The DoD has mandated that all government contractors competing for DoD contracts are CMMC 2.0 certified. While this mandate may seem to be in the distant future, the security controls that are the foundation of CMMC compliance are required for defense contractors. Today, contractors are making it a top priority to find a Cloud Service Provider (CSP) that offers an ERP solution that will support their CMMC 2.0 compliance efforts by meeting DFARs requirements such as NIST 800-171, ITAR, and FedRAMP Moderate controls. It’s important to invest in a CSP and a solution that helps address all your requirements as a one-stop-shop, partnering with you as new compliance initiatives develop in the future, with the understanding that compliance frameworks are a shared responsibility. At Deltek, we’re dedicated to being that trusted partner.
CMMC Compliance Resources for Government Contractors
Don’t Wait for CMMC 2.0 to Move to Deltek’s GovCon Cloud
Learn how the right cloud environment supports government contractors with cybersecurity compliance requirements.
Deltek’s Approach to CMMC 2.0
Learn how CMMC impacts your business and what Deltek has done to assist you in your compliance journey.
Modernize your Business with the Cloud and Stay Competitive
Find out the transformative benefits that come with operating in the cloud, like optimizing IT spending and supporting remote teams.