The Cybersecurity Maturity Model Certification Center of Excellence ( CMMC COE ), hosted by the Information Technology Acquisition Advisory Council (IT-AAC), a public-private partnership serving the public and private sectors for more than 15 years, is proud to announce a Memorandum of Understanding with CREST International, an international not-for-profit certification and accreditation body that supports the global technical information security market and is headquartered in the UK.
This unique partnership will extend efforts to advance the goals and objectives for improving the cyber and supply chain security and resilience of the US Department of Defense (DoD) global Defense Industrial Base (DIB) network of contractors, suppliers, and vendors through an evaluation process intended to validate the capabilities, experience, and integrity of CMMC COE provider partners.
The executed MOU establishes a cooperative agreement between CREST International and the CMMC COE, in coordination with the CMMC COE EU ( http://cmmc-eu.com ), to partner in the furthering of their respective and complementary missions and objectives regarding the adoption, use, and expansion of CMMC based cybersecurity practices for the DIB contractor community and the information and communications technology community creating a broader CMMC ecosystem to improve security and resilience across the global defense industrial base.
CREST ( www.crest-approved.org ) provides internationally recognized accreditations for organizations providing technical security services and also includes professional level certifications for individuals providing vulnerability assessment; penetration testing, cyber incident response; threat intelligence; and security operations center ( SOC ) services.
“This is a momentous occasion for us”, said Mr. John Weiler, Chairman of the Board at CMMC Center of Excellence, “Our global expansion will further help advance the goals and objectives for improving the supply chain security and resilience of the US Department of Defense (DoD) beyond North America”.
“This new partnership between CREST and CMMC COE will play an important role in strengthening the resilience and protection of vital critical national infrastructure through structured testing to validate security defenses and controls, carried out by highly-qualified and certified professionals,” said Tom Brennan, Chairman of CREST USA. “It is vital that the buying communities in both the public and private sectors have the confidence and trust that their employees, contractors or suppliers have the highest levels of knowledge, skill and competence.”
With locations in Europe, Asia, Australia, and the United States, the partnership reinforces a foundation of global capability for the validation of CMMC providers in 1) training & education; 2) readiness assessment 3) development and implementation of a tailored plan of action & milestones to advance preparedness, and 4) continuous monitoring to ensure maintenance of certification compliance.
The CMMC-COE ( www.cmmc-coe.org ) and the CMMC COE EU (https://cmmc-eu.com/ ) will continue to focus on bringing together the many disparate cyber and national security communities of interest to reduce complexity, improve awareness, and accelerate industry effort to become more cyber resilient against the growing threats from nation states and criminal enterprises.
The CMMC-COE partner network will be sharing a wide range of capabilities from member organizations, including; cyber standards frameworks, education, solution architectures, cyber mentoring, workforce, and other elements needed to scale to the demands of the entire DIB market place in the US and abroad (400,000 contractors).
For more information on the CMMC COE EU, please visit https://cmmc-eu.com/
For more information on CREST, please visit www.crest-approved.org
The CMMC-COE is hosted by the Information Technology Acquisition Advisory Council (IT-AAC), a public/private partnership (P3) chartered in 2007 as an honest broker to reach outside the confines of the Federal IT advisories that lack dynamic reach into the Global IT Market, and dedicated to the adoption of commercial IT management standards of practice and innovations emanating from the Global IT market. Team IT-AAC has already demonstrated the value of its decade long investment, and provides a unique value to agencies seeking to achieve accelerate the transformation of legacy processes and systems. Our Just-in-Time SMEs apply an innovative suite of Technology Business Management and Agile Acquisition Processes needed to assure the business value of commercial IT.
The Interoperability Clearinghouse (ICH), is the managing partner that make up the 24 NGO/SDO organizations that make up the IT-AAC. ICH provides the contract vehicles, clearances, and critical resources proven to guide sustainable, measurable and repeatable processes needed to drive better investment decisions as the speed of mission need, while aligning existing processes, methods and workforce with IT reform mandates contained in Clinger Cohen Act, FITARA, IT MGT Act, EO13838.