CMMC announces new advisory council to collect industry feedback


The governing body for the Defense Department's cybersecurity compliance program has launched a new organization charged with getting defense contractors' feedback on the implementation process.

The CMMC advisory council will "provide a crystallizing, unified voice" for defense contractors seeking certification and "supply key feedback, input and recommendations for implementing CMMC" said Karlton Johnson, the chair of the CMMC Accreditation Body.

The council is separate from the board of directors and will operate between the defense industry base, the CMMC Accreditation Body and the Defense Department.

"The [industry advisory council] will serve as a crucible for industry dialogue, bringing the best and brightest together to address cyber readiness challenges in the [defense industry base] and strengthen CMMC to its maximum potential," Johnson said in a statement announcing the move on April 6.

Johnson told FCW via email the council will provide public reports on feedback and recommendations at least annually. The AB is also planning to add town hall sessions dedicated to the IAC once it's operational.

"Once operational, we anticipate a focused town hall session on the IAC periodically. Since we started public town halls the last Tuesday of every month, we will establish a more regular calendar of rotating topics throughout the year focused on" the CMMC's various components including third party assessment organizations (C3PAOs).

One of the first issues the council will likely target, Johnson said, will be the cost of CMMC's implementation.

"One area that has garnered a lot of interest recently has been the true cost of compliance," Johnson said. "The IAC can serve as the central collection mechanism for real implementation, assessment and remediation cost to become certified for large and small businesses alike."

Yong-Gon Chon, who serves as the CMMC board's treasurer, will lead the council and serve as a facilitator. The council has 12 members from across industry.

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected