May 13th 2022
After years of delays, the CMMC rulemaking process and subsequent rollout seems to be on track. In fact, the latest update by CMMC director Stacy Bostjanick this week suggests that it might be progressing faster than initially announced. Instead of July of 2023 the new expectation is that CMMC requirements will take effect in May of next year.
“May 2023 is the critical point. That’s when we think we will be able to start putting the requirement in contracts. … You are probably going to see RFIs, RFPs coming out in the summer of 2023.”
“Bostjanick said the Pentagon is encouraging companies to do “an early adoption of CMMC” through getting an assessment completed by an approved certified third party assessment organization before the rulemakings go into effect.”
For the full article see:
https://insidecybersecurity.com/share/13502
Depending on the current status, we estimate 6-12 months to prepare for a CMMC Level 2 certification assessment. The bottleneck will be the availability of C3PAOs as everybody will want to get certified at the same time. In other words – it’s time to get ready sooner than later to ensure eligibility for those new contracts.
Contact us for a 30-minute consultation and let’s make sure you don’t miss out on new contract awards.