DoD Contractors
CMMC

CMMC (Cybersecurity Maturity Model Certification) is a framework developed by the National Institute of Standards (NIST), published under SP 800.171 and implemented under arrangement with the Cybersecurity Accreditation Body (CyberAB). The CMMC model has been adopted by the U.S. Department of Defense (DoD) to assess and improve the cybersecurity posture of organizations in its supply chain and builds on existing trust-based regulations (DFARS 252.204-7012) by adding a verification component for cybersecurity requirements. Therefor, CMMC is a verification process intended to validate the correct implementation of DFARS 252.204-7012.

 

The BorderHawk CMMC readiness assessment and preparation service, is a process through which OSC's, (e.g. Organizations Seeking Certification) in order to begin or continue working with the DoD as primes or subcontractors are evaluated against the CMMC framework. BorderHawk's process, guidance, and support is designed to increase the confidence that an OSC has a fully developed and implemented program and that the organization is prepared to schedule and conduct an audit via a C3PAO of their choice.

​

The main goal of CMMC is to improve the overall cybersecurity posture of the defense industrial base (DIB) and verify that OSC's have controls in place for the protection of controlled unclassified information (CUI) and federal contract information (FCI) that is shared with the Defense Industrial Base as this data flows down through its supply chain.