Print View

Your printed page will look something like this.

Inaugural Certified Third-Party Assessment Organization Enters the CMMC Marketplace

Significant Milestone Signals the Advent of CMMC Ecosystem Activity


BETHESDA, Md.--(BUSINESS WIRE)--The CMMC Accreditation Body (CMMC-AB) today announced the authorization of the first Certified Third-Party Assessment Organization (C3PAO) within the growing Cybersecurity Maturity Model Certification (CMMC) ecosystem. This company passed the CMMC Maturity Level 3 (ML3) assessment performed by the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) and then met the remaining C3PAO administrative and personnel requirements. The CMMC-AB placed the company into the marketplace today where additional details are disclosed.

“Reaching this step in getting the CMMC ecosystem up and running is a significant milestone and we look forward to authorizing additional C3PAOs in the coming days and weeks,” said CMMC-AB chief executive Matthew Travis. “As recent events emphasize how aggressively cyber threat actors are targeting our nation, the role of CMMC is more vital than ever as we take a united approach to protecting critical assets and information within the Defense Industrial Base.”

Within the CMMC Framework, C3PAOs are the authorized entities that conduct the maturity level assessments for those organizations throughout the DIB seeking CMMC certification. The inaugural C3PAO and those that follow are now authorized to schedule assessments with companies seeking certification. Actual assessments themselves can commence this summer once all supporting CMMC program materials are finalized in the coming weeks.

To learn more about the accreditation process and the CMMC-AB, please visit: