CMMCDocs.comCMMC 2.0
Also known as: CMMC 2.0 Program
The current version of the Cybersecurity Maturity Model Certification program, finalized in 32 CFR Part 170 effective December 16, 2024.
CMMC 2.0 is the current iteration of the Department of Defense's Cybersecurity Maturity Model Certification program. It replaced the original CMMC 1.0 framework with a streamlined three-level model and aligned the technical requirements directly to NIST SP 800-171 Rev 2 (for Level 2) and NIST SP 800-172 (for Level 3).
The CMMC 2.0 Final Rule was published in October 2024 as 32 CFR Part 170 and took effect December 16, 2024. The companion acquisition-side rule, amending DFARS 252.204-7021, phases certification requirements into DoD contracts beginning in 2025.
Key features of CMMC 2.0 include: a 180-day window for closing POA&M items at Level 2, an annual senior official affirmation in SPRS, conditional certification status when minor gaps remain, and a streamlined ecosystem of authorized C3PAOs accredited by the Cyber AB.
Stop Googling. Start working.
CMMCDocs has all 110 NIST SP 800-171 Rev 2 requirements built in — with the language, the templates, and the evidence vault you need. Spin up a free demo workspace and click around the way an assessor would.
Get my demo account