Home / DoD / Katie Arrington: DoD’s Cyber Certification Model Could Allow for Reciprocity With FedRAMP

Katie Arrington: DoD’s Cyber Certification Model Could Allow for Reciprocity With FedRAMP

Katie Arrington
Katie Arrington

Katie Arrington, chief information security officer for acquisition and sustainment at the Department of Defense, said DoD considers opening the Cybersecurity Maturity Model Certification initiative up for a reciprocity process with the General Services Administration’s Federal Risk and Authorization Management program to facilitate the transition, FCW reported Friday.

“I think that there's a lot of reciprocity to be had there because it's an investment that you've already made," Arrington said Thursday a panel discussion at the CDM Summit. "The challenge is when we get certified you have to ensure for the CMMC, those POAMs, those plans of action are closed so that we can validate.”

The Pentagon issued in September a draft version of CMMC, which establishes cyber practices and standards meant to help the defense industrial base reduce exfiltration of controlled unclassified information.

Arrington noted that the department will require CMMC level 1 certification for majority of the 300K defense contractors. She said the CMMC accreditation body will hold its inaugural meeting on Nov. 19, Tuesday, and start training and certifying auditors in January.

DoD expects CMMC requirements to be included in requests for information by summer of 2020 and solicitations by fall, according to the report.

Check Also

USAF, Northrop Conclude Critical Design Review of Polar Satcom Program

The U.S. Air Force and Northrop Grumman have completed a critical design review under a program that aims to deploy satellite communications payloads in the North Polar Region. The Enhanced Polar System Recapitalization program would deliver eXtended Data Rate payloads that would operate in the region until USAF gets access to polar variants of protected and evolved satcom technology in the 2030s, Los Angeles AF Base said Monday.