This is the main content of the page.


CMMCIt Takes an Ecosystem...


What is the CMMC Ecosystem?

CMMC is poised to be the largest and most ambitious cybersecurity conformance regime ever established. It is estimated that there are between 200,000 and 300,000 companies within the Defense Industrial Base. And while not every DIB company will necessarily be subject to a CMMC mandate, most eventually will. To be successful, the CMMC initiative relies on an entire community of security and training professionals.

CMMC is more than just the third-party assessment organizations and the DIB companies they assess. That relationship is actually the "end-product" of a whole series of inter-related CMMC activities. To get to that point of a CMMC Assessment, an entire "Ecosystem" of individuals, companies, and other organizations, each with their own role, has to work diligently to make CMMC Certification a reality.

The CMMC Ecosystem is a vibrant community composed of the following:


-Registered Practitioners (RPs), and Registered Practitioner Organizations (RPOs), who adivse and assist DIB companies with implementing CMMC;

-Certified CMMC Professionals (CCPs) and Certified CMMC Assessors, who comprise CMMC Assessment Teams.

-Licensed Publishing Partners (LPPs), organizations that develop and publish official CMMC professional certification content;

-Licensed Training Providers (LTPs), who administer and deliver official CMMC courses for professional certified positions;

-Certified CMMC Instructors, who teach the actual CMMC professional certification courses

-CMMC Third-Party Assessment Organizations, the entities that conduct CMMC Assessment of DIB Companies.

It takes all of these participants, along with the Department of Defense and the Defense Industrial Base itself, to bring CMMC to life and make it the cybersecurity success our defense supply chain demands.