{"id":541,"date":"2024-12-04T09:46:55","date_gmt":"2024-12-04T09:46:55","guid":{"rendered":"https:\/\/devserver.knstek.com\/sysaudits\/?page_id=541"},"modified":"2025-04-17T04:18:30","modified_gmt":"2025-04-17T04:18:30","slug":"faq-cmmc","status":"publish","type":"page","link":"https:\/\/devserver.knstek.com\/sysaudits\/faq-cmmc\/","title":{"rendered":"FAQ CMMC"},"content":{"rendered":"<style>#sp-ea-720 .spcollapsing { height: 0; overflow: hidden; transition-property: height;transition-duration: 300ms;}#sp-ea-720.sp-easy-accordion>.sp-ea-single {margin-bottom: 10px; border: 1px solid #e2e2e2; }#sp-ea-720.sp-easy-accordion>.sp-ea-single>.ea-header a {color: #444;}#sp-ea-720.sp-easy-accordion>.sp-ea-single>.sp-collapse>.ea-body {background: #fff; color: #444;}#sp-ea-720.sp-easy-accordion>.sp-ea-single {background: #eee;}#sp-ea-720.sp-easy-accordion>.sp-ea-single>.ea-header a .ea-expand-icon { float: left; color: #444;font-size: 16px;}<\/style><div id=\"sp_easy_accordion-1733824971\">\n<div id=\"sp-ea-720\" class=\"sp-ea-one sp-easy-accordion\" data-ea-active=\"ea-click\" data-ea-mode=\"vertical\" data-preloader=\"\" data-scroll-active-item=\"\" data-offset-to-scroll=\"0\">\n\n<!-- Start accordion card div. -->\n<div class=\"ea-card ea-expand sp-ea-single\">\n\t<!-- Start accordion header. -->\n\t<h3 class=\"ea-header\">\n\t\t<!-- Add anchor tag for header. -->\n\t\t<a class=\"collapsed\" id=\"ea-header-7200\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse7200\" aria-controls=\"collapse7200\" href=\"#\"  aria-expanded=\"true\" tabindex=\"0\">\n\t\t<i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-minus\"><\/i> Who Needs CMMC Compliance?\t\t<\/a> <!-- Close anchor tag for header. -->\n\t<\/h3>\t<!-- Close header tag. -->\n\t<!-- Start collapsible content div. -->\n\t<div class=\"sp-collapse spcollapse collapsed show\" id=\"collapse7200\" data-parent=\"#sp-ea-720\" role=\"region\" aria-labelledby=\"ea-header-7200\">  <!-- Content div. -->\n\t\t<div class=\"ea-body\">\n\t\t<p><span style=\"font-weight: 400\">Organizations within the Defense Industrial Base (DIB) that work with the Department of Defense (DoD) and handle Controlled Unclassified Information (CUI) or Federal Contract Information (FCI) must meet Cybersecurity Maturity Model Certification (CMMC) requirements. This certification ensures that these businesses maintain adequate cybersecurity practices to protect sensitive government data throughout the supply chain. CMMC compliance is essential for companies to fulfill their contractual obligations and remain eligible for DoD contracts.<\/span><\/p>\n<p><span style=\"font-weight: 400\">Key Groups Needing CMMC Compliance:<\/span><\/p>\n<ol>\n<li><span style=\"font-weight: 400\">Prime Contractors<br \/>\n<\/span>As direct DoD contract holders, they must ensure all operations meet the CMMC level tied to the data's sensitivity.<\/li>\n<\/ol>\n<ol start=\"2\">\n<li><span style=\"font-weight: 400\">Subcontractors<br \/>\n<\/span>Companies that assist primes and handle FCI or CUI\u2014whether in logistics, software, or manufacturing\u2014must also adhere to CMMC.<\/li>\n<\/ol>\n<ol start=\"3\">\n<li><span style=\"font-weight: 400\">Small and Medium-Sized Businesses (SMBs)<br \/>\n<\/span>Often subcontractors, SMBs must comply to protect their role within the defense supply chain, even when handling limited data.<\/li>\n<\/ol>\n<ol start=\"4\">\n<li><span style=\"font-weight: 400\">Managed Service Providers (MSPs) &amp; IT Vendors<br \/>\n<\/span>If they access or manage systems containing FCI or CUI for DoD contractors, compliance is necessary.<\/li>\n<\/ol>\n<ol start=\"5\">\n<li><span style=\"font-weight: 400\">Research Institutions and Universities<br \/>\n<\/span>Those involved in DoD-funded research must align with CMMC to safeguard sensitive information.<\/li>\n<\/ol>\n\t\t<\/div> <!-- Close content div. -->\n\t<\/div> <!-- Close collapse div. -->\n<\/div> <!-- Close card div. -->\n<!-- Start accordion card div. -->\n<div class=\"ea-card  sp-ea-single\">\n\t<!-- Start accordion header. -->\n\t<h3 class=\"ea-header\">\n\t\t<!-- Add anchor tag for header. -->\n\t\t<a class=\"collapsed\" id=\"ea-header-7201\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse7201\" aria-controls=\"collapse7201\" href=\"#\"  aria-expanded=\"false\" tabindex=\"0\">\n\t\t<i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> Why CMMC Compliance Matters:\t\t<\/a> <!-- Close anchor tag for header. -->\n\t<\/h3>\t<!-- Close header tag. -->\n\t<!-- Start collapsible content div. -->\n\t<div class=\"sp-collapse spcollapse \" id=\"collapse7201\" data-parent=\"#sp-ea-720\" role=\"region\" aria-labelledby=\"ea-header-7201\">  <!-- Content div. -->\n\t\t<div class=\"ea-body\">\n\t\t<ul>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">National Security: It fortifies sensitive DoD data across the supply chain.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Contractual Necessity: It's mandatory for bidding on and maintaining contracts.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Supply Chain Integrity: Ensures a uniform cybersecurity standard for all defense contributors.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400\">Understanding Levels:<\/span><\/p>\n<p><span style=\"font-weight: 400\">Your CMMC level depends on the data you manage:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Level 1: Basic cybersecurity for handling FCI.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Level 2: Transitional level for CUI.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Level 3+: Advanced controls for sensitive CUI contexts.<\/span><\/li>\n<\/ul>\n\t\t<\/div> <!-- Close content div. -->\n\t<\/div> <!-- Close collapse div. -->\n<\/div> <!-- Close card div. -->\n<!-- Start accordion card div. -->\n<div class=\"ea-card  sp-ea-single\">\n\t<!-- Start accordion header. -->\n\t<h3 class=\"ea-header\">\n\t\t<!-- Add anchor tag for header. -->\n\t\t<a class=\"collapsed\" id=\"ea-header-7202\" role=\"button\" data-sptoggle=\"spcollapse\" data-sptarget=\"#collapse7202\" aria-controls=\"collapse7202\" href=\"#\"  aria-expanded=\"false\" tabindex=\"0\">\n\t\t<i aria-hidden=\"true\" role=\"presentation\" class=\"ea-expand-icon eap-icon-ea-expand-plus\"><\/i> Conclusion\t\t<\/a> <!-- Close anchor tag for header. -->\n\t<\/h3>\t<!-- Close header tag. -->\n\t<!-- Start collapsible content div. -->\n\t<div class=\"sp-collapse spcollapse \" id=\"collapse7202\" data-parent=\"#sp-ea-720\" role=\"region\" aria-labelledby=\"ea-header-7202\">  <!-- Content div. -->\n\t\t<div class=\"ea-body\">\n\t\t<p>If your business collaborates with the DoD - whether as a primary contractor, a subcontractor, or a service provider - CMMC compliance likely applies to you. Achieving certification is not just a regulatory necessity; it\u2019s also a vital component in protecting sensitive information and maintaining a strong position in the competitive defense sector.<\/p>\n\t\t<\/div> <!-- Close content div. -->\n\t<\/div> <!-- Close collapse div. -->\n<\/div> <!-- Close card div. -->\n<\/div>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":190,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"tpl-inner-page.php","meta":{"footnotes":""},"class_list":["post-541","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/pages\/541","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/comments?post=541"}],"version-history":[{"count":11,"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/pages\/541\/revisions"}],"predecessor-version":[{"id":1469,"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/pages\/541\/revisions\/1469"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/media\/190"}],"wp:attachment":[{"href":"https:\/\/devserver.knstek.com\/sysaudits\/wp-json\/wp\/v2\/media?parent=541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}