Summary of Changes to CMMC with Release of v0.7

Draft 0.7 of the Cybersecurity Maturity Model Certification (CMMC) framework was released today by USD(A&S). Our initial takeaways regarding the changes from v0.6 to v0.7 are:

  • There was no change to the number of domains, but additional capabilities were added to the following domains:

  • There were no changes to the practices in Level 1.
  • Three practices have been moved from Level 2 to Level 3.
    • 2 practices from the Access Control domain
    • 1 practice from Systems and Communications Protection domain
  • Level 4 practices decreased by a total of 36, from 62 in v0.6 to 26 practices in v0.7.
  • Level 5 practices decreased by a total of 10, from 26 in v0.6 to 16 practices in v0.7.

We will be releasing a more in-depth analysis of the changes between v0.6 and v0.7 soon.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Let's talk

If you want to get a free consultation without any obligations, fill in the form below and we'll get in touch with you.