This is the main content of the page.


Consistency and AccountabilityCMMC Accreditation

What is Accreditation?

Under the International Standards Organization (ISO) definition, accreditation is the "third-party attestation related to a conformity assessment body conveying formal demonstration of its competence to carry out specific conformity assessment tasks." Alrighty then. In simpler terms, and specific to CMMC, accreditation is the formal standard and validation process to ensure that C3PAOs are qualified to conduct CMMC Assessments of DIB companies. There is a lot at stake for organizations seeking CMMC Certification–first and foremost, the ability to bid and win Department of Defense procurement and acquisition contracts. It is imperative for the success of CMMC that every organization seeking CMMC certification be assessed impartially, accurately, and with consistency and integrity. The Department of Defense, in establishing the CMMC program, has imposed eligibility, authorization, and accreditation requirements for all C3PAOs. It is the responsibility of The Cyber AB to enforce these requirements and administer the requisite processes.

The process of accreditation is rigorous. It culminates with an assessment conducted by a team of experienced and qualified professionals to affirm the standards are satisfied. Once accreditation is achieved, it is in force for a set term and requires periodic renewal to ensure standards are maintained.

International Organization for Standardization  

ISO (the International Standards Organization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest and on all matters of electrotechnical standardization. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the standards work.

The Cyber AB is in the process of pursuing recognition as an international accreditation body that meets ISO/IEC requirements under the 17011 standard. Upon attaining that recognition, The Cyber AB will begin to accredit CMMC Third-Party Assessment Organizations under the ISO standards for conformity assessments bodies.

ISO/IEC Standards

ISO/IEC 17011



ISO/IEC 17020



ISO/IEC 17024


Certifying Professionals