Hi, during the webinar . You mentioned the DOD CIO has mentioned that every one holding CUI at level 2 will undergo third party assessment. This is different from what I previously understand where only some vendors holding critical CUI at level 2 will undergo C3PAO assessment. Could you provide me link to where DOD CIO have mentioned this. Thanks
Thank you for asking - certainly - you can find it here: federalnewsnetwork.com/cybersecurity/2022/02/more-companies-may-have-to-get-a-cmmc-assessment-after-all/
Hi, during the webinar . You mentioned the DOD CIO has mentioned that every one holding CUI at level 2 will undergo third party assessment. This is different from what I previously understand where only some vendors holding critical CUI at level 2 will undergo C3PAO assessment.
Could you provide me link to where DOD CIO have mentioned this. Thanks
Thank you for asking - certainly - you can find it here: federalnewsnetwork.com/cybersecurity/2022/02/more-companies-may-have-to-get-a-cmmc-assessment-after-all/