{"id":3894,"date":"2025-12-18T11:38:14","date_gmt":"2025-12-18T11:38:14","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2025\/12\/18\/isaca-named-global-credentialing-authority-for-dods-cmmc-program\/"},"modified":"2025-12-18T11:38:14","modified_gmt":"2025-12-18T11:38:14","slug":"isaca-named-global-credentialing-authority-for-dods-cmmc-program","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2025\/12\/18\/isaca-named-global-credentialing-authority-for-dods-cmmc-program\/","title":{"rendered":"ISACA Named Global Credentialing Authority for DoD\u2019s CMMC Program"},"content":{"rendered":"<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>ISACA has been appointed by the US Department of Defense (DoD) as the global credentialing authority for the Cybersecurity Maturity Model Certification (CMMC) program, ensuring defense contractors meet strict cybersecurity standards.<\/p>\n<p>The DoD introduced CMMC\u00a0in 2020 to make sure companies protect sensitive information when working on government contracts.<\/p>\n<p>The program requires contractors handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) to implement adequate cybersecurity practices to protect the defense industrial base.<\/p>\n<p>On September 10, 2025, the DoD published its final CMMC rule in the\u00a0Federal Register, which took effect on November 10, 2025, officially launching a three-year rollout of cybersecurity requirements across DoD contracts.<\/p>\n<p>By 2028, all organizations supplying or working into the DoD\u00a0will need to be equipped with a CMMC credential delivered by ISACA.<\/p>\n<p>ISACA is now the exclusive CMMC Assessor and Instructor Certification Organization (CAICO), responsible for training, examining and certifying professionals, assessors, and instructors across the CMMC ecosystem.<\/p>\n<h2><strong>CMMC Rules to Impact 200,000 Global Contractors by 2028<\/strong><\/h2>\n<p>As the CMMC framework is phased into US procurement from 2025 to 2028, over 200,000 organizations\u00a0are expected to be impacted, according to ISACA.<\/p>\n<p>This includes many European\u00a0organizations\u00a0that handle CUI or FCI, or that support certain prime contractors, which will also need to be CMMC certified.\u00a0<\/p>\n<p>\u201cAcross Europe, organizations are moving toward more structured, verifiable cyber maturity practices, particularly those engaged in cross-border defense and high-tech supply chains,\u201d\u00a0said Christos Dimitriadis, chief global strategy officer at ISACA.\u00a0<\/p>\n<p>\u201cThere is a global shortage of qualified cybersecurity assessors. By leading the CMMC credentialing program, ISACA is helping build a trusted workforce capable of supporting organizations as they strengthen their cyber resilience.\u201d<\/p>\n<p>ISACA argued that the CMMC framework aligns closely with the direction European regulators are taking under\u202fNIS2 and DORA, where independently verifiable cyber maturity and supply chain security are becoming essential requirements for businesses.<\/p>\n<p>\u201cWhile compliance is important, the underlying driver for CMMC and for cyber maturity efforts across Europe is the need to protect organizations against increasingly advanced threats. Strengthening cyber maturity is now fundamental to safeguarding continuity,\u00a0resilience\u00a0and trust,\u201d he added.<\/p>\n<p>The CAICO role was previously performed by The Cyber AB which remains the official accreditation body for the CMMC program.<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>ISACA has been appointed by the US Department of Defense (DoD) as the global credentialing authority for the Cybersecurity Maturity Model Certification (CMMC) program, ensuring defense contractors meet strict cybersecurity standards. The DoD introduced CMMC\u00a0in 2020 to make sure companies protect sensitive information when working on government contracts. The program requires contractors handling Federal Contract<\/p>\n","protected":false},"author":2,"featured_media":3895,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3894","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/12\/3894-b7067536-4c2d-4dad-872f-c31282744c56-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"http:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=3894"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3894\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/3895"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=3894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=3894"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=3894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}