The Department of Defense is creating a new standard called the Cybersecurity Maturity Model Certification. This standard will replace NIST 800-171 on DoD requirements in late 2020. The CMMC will review and combine various cybersecurity standards and best practices and map these controls and processes across several maturity levels that range from basic cyber hygiene to advanced. For a given CMMC level, the associated controls and processes, when implemented, will reduce risk against a specific set of cyber threats.
The CMMC will not provide a self-attestation component, and every organization that does business with the Department of Defense will be required to undergo an audit by an authorized auditing entity before bidding on a contract or subcontracting to a prime. Stetson can help you certify under the new CMMC model.