Home / News / Katie Arrington: Firms Won’t Need to Meet Same Level of CMMC Requirements on Contracts

Katie Arrington: Firms Won’t Need to Meet Same Level of CMMC Requirements on Contracts

Jeff Brody
Katie Arrington

Katie Arrington, chief information security officer in the office of the defense undersecretary for acquisition and a 2020 Wash100 award winner, said DoD would not require prime contractors and subcontractors on a contract to meet the same level of Cybersecurity Maturity Model Certification requirements, FedScoop reported Friday.

Arrington said at an event Friday the Pentagon will clarify which parts of a contract will demand different levels of certification in upcoming requests for information.

“One size doesn’t fit all for security,” Arrington said. “The subs, by what work they are doing, will need to meet a level one or level two.”

Arrington will deliver the keynote speech at the Potomac Officers Club’s CMMC Forum 2020 on April 2. She will address the CMMC’s timeline, how the certification process could change and will provide a memorandum of understanding with a newly established CMMC accrediting body.

Click here to register for the event.

Check Also

KBR Subsidiary Lands Potential $128M NOAA Observation Network Mgmt Support IDIQ

KBR’s (NYSE: KBR) Stinger Ghaffarian Technologies subsidiary has secured a potential five-year, $128.4M contract to provide data processing and technical services for a National Oceanic and Atmospheric Administration network system used to process Earth observation data.

Raytheon Awarded Potential $353M Navy Contract for Rolling Airframe Missile Components

Raytheon (NYSE: RTN) has secured a potential $353.3M contract from the U.S. Navy to provide guided missile round packs and spare replacement parts for the Block 2 and 2A variants of the Rolling Airframe Missile system. The contract includes foreign military sales to Turkey, the United Arab Emirates, Saudi Arabia, Egypt and Germany, the Department of Defense said Monday.