Search results

  1. erin

    Do I need to be certified?

    Hi disel56, I can absolutely understand how stressful this must be for you; unsure if you will pass the audit. Fortunately, according to a presentation given last May by Ms. Katie Arrington, the Chief Information Security Officer, Office of the Under Secretary of Defense for Acquisition and...
  2. erin

    Do I need to be certified?

    Disel56, Long story short? Yes, you do. Every government contractor needs to be CMMC certified. The great thing, however, about CMMC vs former requirements and regulations is that there are different Maturity Levels (ML), 1-5. They build on each other so ML1 is the easiest to achieve while...
  3. erin

    What CMMC Maturity Level does my company need to be?

    Hi Primesub, When you receive the contract, it will let you know what CMMC ML you will need to achieve. Unfortunately, from what we understand right now, there's not really any way to know before you receive the contract; however, if you have several contracts and you produce, transmit, store...
  4. erin

    Is the CMMC really necessary?

    Unfortunately, it is a necessary evil. The self-certifying just hasn't been working and small businesses have been a prime target for hackers BECAUSE they often lack the cybersecurity necessary to keep their data safe. This is especially true of government contractors. Also, the CMMC site...
  5. erin

    CMMC Level 5

    If you are NIST SP 800-53 compliant, you will be pretty far along, and it most likely won't take much to attain Maturity Level (ML) 5. However, there are going to be some differences. If you have questions about what it will take to reach ML 5, schedule a free consultation with Craig by...
  6. erin

    How much will this CMMC cost me and my business?

    Unfortunately, as you probably already know, the cost of an audit has not yet been released; that being said, based on other audits of similar scope and scale, our best ESTIMATE is anywhere between $20,000 to $30,000. HOWEVER, according to the Under Secretary of Defense for Acquisition &...
  7. erin


    That's a great question! Essentially, the CMMC takes the best practices of all of these requirements and rolls them into one, uniformed model. To be honest, there is a lot of overlapping, anyways, and it just makes sense to simplify them all: FAR Clause 52.204-21 NIST SP 800-171 Rev 1 Draft...
  8. erin

    Do I no longer have to worry about being NIST compliant?

    The answer to that question is... Kind of, yeah! Which to be honest, is going to take some getting used to because even though we know it was coming, we've done so much NIST compliance work, that it's still kind of strange... But I digress! The goal of CMMC is to simplify the cybersecurity...
  9. erin


    Technically, no. According to the Office of the Under Secretary of Defense for Acquisition & Sustainment FAQ page, Q6, starting in June of this year (2020), you will not be rewarded contracts going forward, if you have not passed the audit. So, it sounds like while they are giving you a bit of...
  10. erin

    CMMC 2020-02-14

    FAQs regarding CMMC, provided by the Office of the Under Secretary of Defense forAcquisition & Sustainment
  11. erin

    Too good to be true?

    That's a great question! It has barely been out for an entire day, but it does seem to make sense by making the requirements graduated instead of one-size-fits-all. Additionally, it streamlines the requirements so that contractors know exactly where to go. Still, it is a lot of new...
  12. erin

    Thank you for this forum!

    Your are very welcome! We are glad you find it useful and please don't hesitate to let us know if you have have questions!
Get CMMC Compliant With PTG's CMMC Compliance Tool Kit - Learn More