By Greg Kent

Fall will be here before you know it, so now is a good time for DoD contractors to review their business development and contract strategy for the coming year. With CMMC being required for bidding on new contracts towards the end of 2020, there are big changes on the horizon. Once the final DFARS Rule 2019-D04 is officially implemented, CMMC standards will go into effect.

While no contract awards under CMMC will happen this year, the CMMC Advisory Board has been accepting applications from prospective C3PAOs and expects to graduate the first provisional group of C3PAOs in August or September 2020. Once this happens, DoD contractors will be able to start applying for CMMC assessments.


To prepare now, DoD contractors need to perform gap assessments to identify risks and to accurately scope the work necessary to meet compliance requirements for CMMC. Developing a successful remediation strategy is key to preparing for CMMC effectively.  Although the goal is to achieve compliance with existing investments, some situations net contractors a 2-for-1 advantage by leveraging new solutions to eliminate costly legacy system remediation efforts while providing functionality that fuels business growth.  A trusted cybersecurity partner provides invaluable experience that results in certainty and efficiency with your CMMC initiative.

Ready to sharpen your pencils and develop a winning plan for CMMC compliance and continued growth of your DoD business line?   SecureIT is ready to roll up our sleeves and help prepare you for successful certification.  Contact us to learn more and read our CMMC preparation eBook here.