What is the Interim Rule?
Despite the Department of Defense working relentlessly to roll out the CMMC Framework, it's taking longer than expected. The longer timeline tied with increased cyber attacks has shown that the current frame work is insufficient in its attempt to protect CUI data. Consequently, on September 29, 2020 the Defense Acquisitions Regulation System the DoD released an Interim Rule to increase DoD contractor security in existing DFARS 7012 requirements while CMMC implementation is still in development.
Importantly, this Interim Rule has many new requirements, such as a self-scoring methodology and reporting, as well as increased, random audits at Basic, Medium, and High levels of inspection. These audits will ensure high levels of accuracy in the self-reported standardized scores and that the proper assessments have taken place.
Your Next Steps:
Complete a new assessment: A previous assessment will not contain the necessarily scoring methodology required of the Interim Rule. The November 30th deadline is quickly approaching. This new assessment will be required for all contractors with a 252.204-7012 clause in their agreement, so act quickly.