The Department of Defense plans to facilitate training activities for accreditors under the Cybersecurity Maturity Model Certification program through June, FCW reported Tuesday.
The recently established CMMC entity will serve as an independent and not-for-profit accreditation body that will work to create certification and training requirements for third-party organizations and individual assessors responsible for evaluating firms seeking to do business with the DoD.
Ellen Lord, defense undersecretary for acquisition and sustainment and 2019 Wash100 Award winner, said at a Defense Writers Group event that training for assessors is currently underway and will end by mid-year when requests for information that include CMMC standards will begin to roll out.
"One of my biggest concerns was really about small and medium businesses because that's where a large part of innovation comes from and we need that,” she noted. “We want to retain them.”
According to Lord, the CMMC body will use semi-automated procedures as well as a tool intended metrics collection and audits by third-party evaluators. The final version of the CMMC model is slated for release at the end of the month.