• Back
  • Home
  • Insights
  • Cybersecurity Maturity Model Certification (CMMC): A road map to compliance
11/02/2023

Cybersecurity Maturity Model Certification (CMMC): A road map to compliance

    The Department of Defense (DoD) has officially published the CMMC final rule, effective Dec. 16, 2024. Read what this could mean for your organization and next steps to take.

    Use our high-level road map to help get you started on your journey toward compliance.

    1. Confirm your scope includes Controlled Unclassified Information (CUI) and thus seeking CMMC level 2 status.

    2. Review the CMMC framework to understand the practices and processes your organization will need to meet Level 2 maturity requirements.

    3. Conduct a preparedness assessment – work with a third party or with your team to identify technical gaps in existing vs. required practices.

    4. Develop and implement practices that are found to be non-existent (or fixes for those determined to be partially implemented) based on the results of the assessment.

    5. Deploy technical solutions where needed.

    6. Remediate other process gaps as identified in the preparedness assessment.

    7. If the organization’s SPRS score is greater than 85, identify/select a CMMC Third-Party Assessor Organization (C3PAO) firm for your CMMC audit. 

    8. Obtain your desired CMMC level maturity certification based on the audit.

    Download the road map to compliance.

    Contact

    Bhavesh Vadhani, Principal, Technology Risk, Cybersecurity, and Privacy

    703.847.4418

    OUR PEOPLE

    Get in touch with our specialists

    View All Specialists
    Bhavesh Vadhani

    Bhavesh Vadhani

     CISA, CRISC, CGEIT, PMP, CDPSE, Partner, Global Leader, Cybersecurity, Technology Risk, and Privacy – CohnReznick Advisory LLC
    View Full Bio
    Contact Bhavesh Bhavesh+Vadhani [email protected]
    kristen-soles

    Kristen Soles

    Managing Partner – Global Consulting Solutions – CohnReznick Advisory LLC

    Partner – CohnReznick LLP

    View Full Bio
    Contact Kristen Kristen+Soles [email protected]

    Looking for the full list of our dedicated professionals here at CohnReznick?

    View All Specialists
    Close

    Contact

    Let’s start a conversation about your company’s strategic goals and vision for the future.

    Please fill all required fields*

    Please verify your information and check to see if all require fields have been filled in.

    Please select job function
    Please select job level
    Please select country
    Please select state
    Please select industry
    Please select topic
    new-insights-banner

    Access Our Resources for Cybersecurity Maturity Model Certification (CMMC)

    Subscribe

    This has been prepared for information purposes and general guidance only and does not constitute legal or professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is made as to the accuracy or completeness of the information contained in this publication, and CohnReznick, its partners, employees and agents accept no liability, and disclaim all responsibility, for the consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.