What is CMMC 2.0?

The Cybersecurity Maturity Model Certification (CMMC) will be required for the DoD’s Defense Industrial Base (DIB) contracts, products, services and supply chain to protect Controlled Unclassified Information (CUI). Certification will be required to work with the DoD. CMMC 2.0 has simplified the Maturity Levels from 5 to 3, depicted in the graphic below.

How do I get Certified?

The CMMC Accreditation Body (AB), a non-profit, independent organization, will accredit CMMC Third Party Assessment Organizations (C3PAO) and individual assessors. The CMMC AB will provide the requisite information and updates on its website.
The CMMC AB has established the CMMC Marketplace.  It includes a list of approved C3PAO as well as other information. Once the Candidate C3PAOs are assessed and certified, formal assessments will begin. Find us on the CMMC AB Marketplace.


FCI (Federal Contract Information) vs. CUI (Controlled Unclassified Information)

 CMMC (Cybersecurity Maturity Model Certification) Assessments

Cybersecurity Standards (NIST SP 800-171 and NIST SP 800-172)

Please contact Cask directly for more information regarding CMMC 2.0 Pre-Assessments, Gap Analyses, and or Formal Assessments.
Give us a call at 540-498-0897 or email us at CMMC@caskgov.com.