The Department of Defense (DoD) has finally released the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program—32 CFR Part 170. This rulemaking will officially be published December 15th, 2024 and effective December 16th, 2024.

Under this new rule and proposed timeline, DIB organizations contracted with the federal government will need to adhere to the requirements within the framework while achieving and maintaining CMMC-compliant status. Included in this update is a 4-phase timeline for organizations that are anticipated to be affected by the rulemaking and what they can anticipate in 2025-2026.

Check out our quick guide here:

Moving Forward with CMMC Compliance

Fortunately, your organization doesn’t have to take on these phases alone. SP6’s specialized Cyber Risk and Compliance consulting services pair your security and compliance personnel with seasoned, accredited CCPs & CCAs (Certified CMMC Professional & Certified CMMC Assessor). For trusted guidance and expertise throughout the anticipated final CMMC Program Rule, get in touch with us today!