The United States Department of Defense (“DoD”) has begun its “Joint Surveillance Program” in conjunction with the CyberAB, the organization tasked with overseeing the CMMC ecosystem.
Under the Joint Surveillance Program, members of DoD’s Defense Industrial Base Cybersecurity Assessment Center (“DIBCAC”) accompany and oversee representatives from CyberAB authorized Certified 3rd Party Assessment Organizations (“C3PAOs”) as they conduct a joint assessment of contractor companies who volunteer for the joint assessments. If the contractor meets all of the joint assessment requirements, the contractor is awarded a 110 point score in the Supplier Performance Risk System (“SPRS”) and that score is annotated as having been conducted by DIBCAC, giving contracting officers a score a higher level of assurance in that score.
The CyberAB and DoD also expect, depending on how the rule change process proceeds, to award those contractors who “pass” the joint surveillance assessment (i.e., who are awarded 110 points) with a CMMC certification once the certification process officially begins later this year.
To date, five (5) companies have passed the joint assessments. Aero-Glen International was the first of these companies. Representatives of Aero-Glen will be participating a session entitled “Tales from the Trenches: How Aero-Glen Successfully Satisfied DIBCAC/C3PAO Joint Surveillance Requirements” on January 20, 2023 at the CMMC Implementation Conference.
Conference registration is open now, and if you register by December 15 using the code “CICCMMCInfo” (without the quotes) you will receive $100 off the general admission price.