CMMC Assessment Checklist
Download our CMMC assessment checklist!
.jpg?ext=.jpg)
Department of Defense Releases CMMC Implementation memo
On January 17, 2025, the Department of Defense released a memo titled, "Implementing the Cybersecurity Maturity Model Certification (CMMC) Program: Guidance for Determining Appropriate CMMC Compliance Assessment Levels and Process for Waiving CMMC Assessment Requirements."
The purpose of the document is to help program managers and contractors determine the appropriate CMMC level for that contractor. The memo notes that the guidelines it sets forth are for minimum CMMC requirements. When companies handle, transmit, or store CUI, they must use the highest possible level of CMMC compliance to protect that data.
The memo can prove helpful to you as you work to understand how your business can work toward CMMC compliance. For example, it outlines:
- When a self-assessment is appropriate
- When a self-assessment is appropriate for level 2
- What contractors need to meet level 3 CMMC compliance
You can download the document here.
Let's Talk
As you read through the guidelines, please feel free to contact us with any questions, or click our Request a Quote button on this page to send us your questions and information.About Smithers
Founded in 1925 and headquartered in Akron, Ohio, Smithers is a multinational provider of testing, consulting, information, and compliance services. With laboratories and operations in North America, Europe, and Asia, Smithers supports customers in the transportation, life science, packaging, materials, components, consumer, cannabis, dry commodities, and energy industries. Smithers delivers accurate data, on time, with high touch, by integrating science, technology, and business expertise, so customers can innovate with confidence. Smithers is one of the most respected authorized C3PAOs and can be found on the CyberAB Marketplace.