The IT-AAC and CMMC-COE applaud the work of the ITI Cyber Policy team regarding Cyber Certification approaches.  Several of these recommendations have already been integrated into the work of the CMMC-COE.

“Yet, on the issue of self attestation, we believe the body of evidence does not support this approach as evidenced by the billions in lost IP to our enemies, and CMMC-COE moves the needle in the right direction.” says Bob Dix, Senior Vice President of & Strategy. 

CMMC-COE is also addressing the need for guidance via a new offering ‘Enterprise Architecture Assessment & Remediation Services’ on how to sort through the myriad of Cyber/XaaS offerings that few organizations can effectively discern, and will be applying ICH’s highly regarded Architecture Assurance Framework to guide future investment decisions.