The DoD's Own Cyber Monday: Defense Department Releases CMMC Assessment Guides

Client Alert | 1 min read | 12.09.20

Fresh off the heels of the DFARS Interim Rule, the Department of Defense (DoD) released Assessment Guides for Levels 1 - 3 of the Cybersecurity Maturity Model Certification (CMMC). These Guides will be used by Certified Assessors to determine whether contractors have satisfied the practices and processes required to attain CMMC certifications at the level needed to be awarded future DoD contracts. These new assessment procedures, which DoD calls “authoritative,” are leveraged from NIST SP 800-171A, the NIST guidance used to assess compliance with NIST SP 800-171.

A notable inclusion in the Levels 2 – 3 Guide is the assessment criteria used to evaluate a contractor’s implementation of processes for each of the 17 CMMC Domains. Under the CMMC, the DoD has stated that contractors will not be certified at CMMC Levels 2 and above if the contractor has not satisfied both the technical practices and process maturity for the desired level.

These Guides will provide useful insights as contractors prepare for the DoD’s phased implementation of CMMC requirements into all DoD contracts over the next 5 years.

Contacts

Nkechi Kanu
Partner
- Washington, D.C.
  - D | +1 202.624.2872
bmthbnVAY3Jvd2VsbC5jb20=
Michael G. Gruden
Partner
- Washington, D.C.
  - D | +1.202.624.2545
bWdydWRlbkBjcm93ZWxsLmNvbQ==
Kate M. Growley
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
  - D | +1.202.624.2698
- Washington, D.C. (CGA)
  - D | +1 202.624.2500
a2dyb3dsZXlAY3Jvd2VsbC5jb20=

Insights

Client Alert | 4 min read | 03.05.26

DOL’s Proposed Independent Contractor Rule Reverts to Prioritize Two Core Factors – Likely Limiting Misclassification Claims by Contractors

The U.S. Department of Labor (DOL) has proposed another revision to independent contractor regulations, one that would provide for more leeway in classifying workers as contractors. DOL’s proposed rule, published on February 26, 2026, would rescind the Biden DOL’s March 2024 independent contractor regulation and reinstate a framework substantially tracking the prior Trump rule of January 2021. The proposed rule would also apply the narrower analysis to worker classifications under the Family and Medical Leave Act (FMLA) and the Migrant and Seasonal Agricultural Worker Protection Act (MSPA). The comment period closes in late April 2026; until then, the 2024 rule remains in effect for purposes of private litigation....

Client Alert | 8 min read | 03.05.26
Fifth Circuit Decision in Health Care Fraud Case Highlights Importance of Careful Drafting in Civil RICO Complaints
Client Alert | 4 min read | 03.04.26
Sixth Circuit Finds EFAA Arbitration Bar to Entire Case — Not Just Sexual Harassment Claims
Client Alert | 3 min read | 03.02.26
Changes to UK Clinical Trials Regulations Take Effect April 28, 2026. New Versions of UK Model Clinical Trial Agreement Forms Pending.

View All Insights