CMMC Updates Indicate Deadline for Compliance Looms

CMMC Updates Indicate Deadline for Compliance Looms

Tego has been focused on ensuring organizations are fully informed about the requirements for CMMC compliance. Earlier this year, we announced that the DoD sent the proposed rule for CMMC to OMB-OIRA  and explained what that means for the deadline for CMMC compliance. We now know that the deadline for posting comment rules is November 21, and we expect a 60-day comment period.

Here are some additional essential updates about CMMC that you should be aware of:

  • Supply chain risk is growing, and the DoD repeatedly emphasizes the importance of the supply chain in operations.
  • The location of Controlled Unclassified Information (CUI) is a critical point in any assessment conducted. Proper account management, access control and authorization, and off-boarding procedures are necessary to protect CUI.
  • Incident response training and testing is under significant scrutiny. Tabletop testing is an excellent way to test your Disaster Recovery Plan (DRP) and Incident Response Plan (IRP).
  • Utilizing a Registered Practitioner Organization (RPO) is the best way to test compliance procedures and identify gaps in your security strategy.
  • NIST 800-171 requirements have been revised. These requirements are utilized as part of the CMMC compliance, and organizations should already follow them.

Tego is an RPO with several years of experience in security, audit, and compliance and maintains training in basic CMMC methodology. The expected timeline for completing a pre-assessment and addressing any POA&Ms will take at least 6-12 months. It is highly recommended that you engage with us sooner rather than later, as we fully expect the demand for pre-assessments and consulting to increase in 2024.

Contact us today to schedule a call to learn more about our services.

About the author
Jennifer Vosburgh is a seasoned Marketing and Communications professional. With over 15 years of experience, she has a strong background in Marketing, Communications, and Event Management. As Vice President of Tego Data Systems in Raleigh, NC, Jennifer is responsible for delivering full-scale Marketing Campaigns across all platforms including website, email, social media, events, and more.

By using this website you agree to our updated Conditions of Use and consent to the collection and use of your personal information as described in our updated Privacy Notice, which includes the categories of data we collect and information about your preferences and rights.