The Rea Report | Fall 2021 | Page 9

• THE COSTS ASSOCIATED WITH BECOMING CMMC-COMPLIANT VARY AND INCREASE BY LEVEL OF MATURITY. According to a statement from the chief information security officer at the Office of Defense Acquisition & Sustainment, a business should expect to pay anywhere from $3,000 to $5,000 for CMMC level one – with costs increasing with each level. The good news? CMMC preparation is an “allowable cost” and, in most situations, is reimbursable by the DoD. This means that DoD contractors are eligible for reimbursement for preparation and remediation work required to obtain the CMMC.
• CMMC CERTIFICATES ARE VALID FOR THREE YEARS. Renewal of certifications will be required on a continual basis, to ensure that businesses stay up to date on cybersecurity requirements.
• While all companies working with the DoD will need to become CMMC-compliant, individual contracts with the DoD may require different levels of certification. As a best practice, it’s advisable to obtain all five parts of the CMMC to ensure your business is completely compliant and able to carry out business with the DoD at any CMMC level.
How to Begin the Certification Process
CMMC can be an intimidating process for contractors working with the DoD, but you don’t need to be a cybersecurity expert to obtain this certification. Our team of Rea cybersecurity experts and CMMC-registered providers can help you every step of the way. Contact me to learn more about CMMC and how your business can obtain certification.
By: Ty Whittenburg, CMMC-RP, senior information assurance manager, ty.whittenburg@reacpa.com (Dublin office)