Regulations last checked for updates: May 17, 2024

Title 48 - Federal Acquisition Regulations System last revised: May 14, 2024
All TitlesTitle 48Chapter 2Part 204Subpart 204.75 - Subpart 204.75—Cybersecurity Maturity Model Certification
View all text of Subpart 204.75 [204.7500 - 204.7503]
204.7500 - 204.7500 Scope of subpart.

(a) This subpart prescribes policies and procedures for including the Cybersecurity Maturity Model Certification (CMMC) level requirements in DoD contracts. CMMC is a framework that measures a contractor's cybersecurity maturity to include the implementation of cybersecurity practices and institutionalization of processes (see https://www.acq.osd.mil/cmmc/index.html).

(b) This subpart does not abrogate any other requirements regarding contractor physical, personnel, information, technical, or general administrative security operations governing the protection of unclassified information, nor does it affect requirements of the National Industrial Security Program.

authority: 41 U.S.C. 1303 and 48 CFR chapter 1
source: 56 FR 36289, July 31, 1991, unless otherwise noted.
cite as: 48 CFR 204.7500
© 2014 CustomsMobile | Disclaimer | Privacy | About