DoD Seeks Feedback on Interim Rule for CMMC Implementation

The Department of Defense (DoD) is seeking comments on an interim rule to implement the Cybersecurity Maturity Model Certification framework and an assessment methodology as part of efforts to better protect unclassified data within the DoD supply chain and evaluate vendors’ implementation of cyber requirements.

DoD introduced the interim rule as an amendment to the Defense Federal Acquisition Regulation Supplement, according to a notice posted Tuesday on Federal Register.

The proposed regulation amends a subpart in DFARS to implement the National Institute of Standards and Technology (NIST) Special Publication 800-171 DoD Assessment Methodology. Under this amendment, contracting officers should verify in the Supplier Performance Risk System that a vendor has a current assessment on record under NIST SP 800-171 before a contract award.

The rule also directs contracting officers to validate in SPRS if the contractor’s certification under CMMC is current and meets the required cyber maturity level prior to making the award.

“A new DFARS clause 252.204-7021, Cybersecurity Maturity Model Certification Requirements, is prescribed for use in all solicitations and contracts or task orders or delivery orders, excluding those exclusively for the acquisition of COTS items,” the rule reads.

Comments on the interim rule are due Nov. 30.

Katherine Arrington, chief information security officer (CISO) for the Office of the Under Secretary of Defense for Acquisition (OUSDA) for the Department of Defense (DoD) and 2020 Wash100 Award recipient, will be featured as the keynote speaker for the Fall 2020 CMMC Forum. Click here to register for the Fall 2020 CMMC Forum.

Share the Post:

Related Posts

SAIC’s Wash100 Winning Executives

In the 12-year history of the prestigious and highly competitive Wash100 Award, a handful of elite government contracting companies and federal agencies have produced multiple winners.  SAIC is one such...

TRANSCOM Commander Jacqueline Van Ovost Accepts 2024 Wash100 Award
How to Nominate a GovCon Leader for the 2025 Wash100 Award

In the vast landscape of government contracting, Executive Mosaic‘s Wash100 Award stands as a beacon of recognition and prestige. This accolade celebrates the most outstanding figures who have shaped the...