Determining the Assessment Requirement The CMMC Level 2 process begins with a clear determination of the required assessment type. An organization must establish whether it is subject to a self-assessment
Every defense contractor working toward CMMC Level 2 eventually hits the same wall. The regulations are dense, the technical requirements are specific, and the gap between where an organization is
If your organization is working toward CMMC Level 2, you will eventually encounter a term that carries a lot of weight. C3PAO. Understanding what a C3PAO does is critical because
A letter is circulating in the defense supply chain right now that should be on the desk of every subcontractor doing business with a major prime. L3Harris Technologies, one of
Cybersecurity has evolved far beyond a technical concern handled solely by IT departments. Today, it is a core business function that directly impacts revenue, reputation, and long-term viability.
ITAR, enforced by the U.S. Department of State’s Directorate of Defense Trade Controls, is built around controlling access to defense-related items and information. Exporting is only one part of that system.
GCC High: The Platform Defense Contractors Are Betting Their Contracts On There is a conversation happening in almost every defense contractor’s IT department right now, and it goes something like
The International Traffic in Arms Regulations (ITAR) are found at Title 22 of the Code of Federal Regulations, Parts 120 through 130. They implement the Arms Export Control Act (AECA) and are administered by the U.S.
If you work anywhere near a Department of Defense contract, you have probably encountered a wall of acronyms that seems designed to confuse. CMMC documents, solicitations, and compliance guidance are
