Jane Edwards
The Department of Defense has submitted to the Office of Management and Budget its proposed rule to implement the Cybersecurity Maturity Model Certification program.
The office of information and regulatory affairs within OMB is now set to review the CMMC framework after receiving the proposed rule on Monday.
The CMMC framework seeks to help assess defense contractors’ compliance with cybersecurity requirements to protect federal contract data and controlled unclassified information from advanced persistent threats and other cyberattacks.
A notice of proposed rulemaking on the CMMC framework is expected to be released in September.
In November 2021, the Pentagon introduced the second iteration of the framework, dubbed CMMC 2.0, as part of efforts to simplify the program standard and clarify cybersecurity policy, regulatory and contracting requirements.
