For all contractors and subcontractors with the US Department of Defense, the Department of Defense (DoD) has published prescriptive steps to ensure compliance with the requirements safeguarding CUI. Through the DoD Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7012, implementation of ...
FCI and CUI flow down to contractors from a prime contractor or from the government itself. But keep in mind: As part of your contracting work, you might produce information that falls into these categories. For example, if you produce part designs for use by the DoD, those designs might ...
The CMMC establishes assessment mechanisms to verify defense contractors’ compliance with Department of Defense (DoD) security requirements for the protection of sensitive information. Any direct supplier of the DoD that handles Federal Contract Information (FCI) or Controlled Unclassified Information (CUI...
If you want to do business with the DoD, you need to know where CUI resides in your systems and prove to an auditor that you can protect it.
The DoD maintains the flexibility to implement CMMC requirements ahead of these planned phases for specific procurements as needed. Who needs to comply with CMMC? Organizations in the Defense Industrial Base (DIB) sector that process, store, or transmit Federal Contract Information (FCI) or ...