Software Engineering Institute

In early 2020, the SEI and partner Johns Hopkins University Applied Physics Laboratory (APL), a university affiliated research center, released the initial version of the cybersecurity maturity model at the heart of the Cybersecurity Maturity Model Certification (CMMC) program. CMMC provides the Department of Defense (DoD) Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) with a powerful tool to improve risk-informed decisions and contractor security in the Defense Industrial Base (DIB) supply chain.

Over the following months, the SEI and APL developed the first two CMMC Assessment Guides, which the DoD released in late 2020. The guides’ detailed discussions and references are intended to assist both supplier organizations and assessors in their certification preparation and review.

To learn more about the CMMC, visit acq.osd.mil/cmmc/.