Article By Mariam Baksh. Original article can be found here: https://www.nextgov.com/cybersecurity/2021/01/official-reciprocity-memos-dods-cybersecurity-certification-program-are-ready/171680/
Article highlights:
The DoD and the CMMCAB have agreed on terms for accommodating companies that have already been audited for cybersecurity.
Defense officials sought to assure contractors that CMMC auditors would consider FedRAMP certifications,
“I'm going to take any ISO 27001 and provide reciprocity,” said Katie Arrington, the chief information security officer for Defense acquisitions, referring to the foundational international information security standard. “We're giving reciprocity for the DIBCAC assessments that have already been done. And we're giving reciprocity when it comes to FedRAMP."
Comments