EDUCAUSE Comments: Department of Defense Cybersecurity Maturity Model Certification (CMMC) Program
- Author(s) and Contributors:
-
- Source(s) and Collection(s):
-
Sources(s): EDUCAUSE Policy Office
- ParentTopics:
Abstract
On September 1, 2020, EDUCAUSE joined the Council on Governmental Relations (COGR), the Association of American Universities (AAU), and the Association of Public and Land-grant Universities (APLU) in sending a letter to the U.S. Department of Defense (DOD) Office of Acquisition and Sustainment. The associations’ comments addressed concerns by the higher education research and information security communities regarding the potential impact of the DOD Cybersecurity Maturity Model Certification (CMMC) Program on fundamental research in higher education. Specifically, the associations requested that the DOD exclude fundamental research from the scope of CMMC. They also asked the DOD to engage the higher education research and information security communities in a constructive dialogue to ensure that the program’s requirements are not improperly imposed on the fundamental research programs and project to which they could ultimately apply.