The Pentagon has started its first pathfinder to pilot its new cyber security contracting standards, assessing an existing Missile Defense Agency contract, with plans to begin expanding efforts over the next several months. Lord said DoD's Office of the Chief Information Security Officer for Acquisition (OCISO-A) is working with MDA on the CMMC pathfinder for the unspecified existing contracts to ensure the new program's accreditation body is able to properly assess vendors' supply chain security standards. "The pathfinder encompasses acquisition tabletop exercises, training of mock assessors, conducting mock assessments, that are non-punitive, of a prime contractor and three sub contractors on an existing contract and the demonstration of CMMC-AB processes," Lord said.
展开▼
