Page 187 - Cyber Defense eMagazine Annual RSA Edition for 2024
DoD Compliance: The Differences Between CMMC and NIST SP 800-171
By Joe Coleman / Cyber Security Officer, CMMC RPA / Bluestreak Consulting™
Introduction
In the world of Department of Defense (DoD) compliance and regulatory requirements, many acronyms
and standards are in use. These acronyms and standards help businesses define who they are,
what they do, and how they manage their processes to be compliant. In this article, we’ll cover some
common acronyms in information security compliance and discuss the similarities and differences
between CMMC 2.0 and NIST SP 800-171.
What is CMMC?
Cybersecurity Maturity Model Certification (CMMC) is a certification aimed at evaluating the maturity of
an organization's cybersecurity program. Developed by the Department of Defense (DoD), its primary
objective is to equip the extensive Defense Industrial Base (DIB) contractors, with over 400,000 of them,