ISACA Appointed as Global Credentialing Authority for DoD CMMC Program

First reported

17.12.2025 16:05

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

ISACA has been designated by the US Department of Defense (DoD) as the global credentialing authority for the Cybersecurity Maturity Model Certification (CMMC) program. This role involves ensuring defense contractors meet strict cybersecurity standards. The CMMC program, introduced in 2020, mandates that contractors handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) implement robust cybersecurity practices. The final CMMC rule was published on September 10, 2025, and took effect on November 10, 2025, initiating a three-year rollout of cybersecurity requirements across DoD contracts. By 2028, all organizations working with the DoD must obtain a CMMC credential delivered by ISACA. ISACA is now the exclusive CMMC Assessor and Instructor Certification Organization (CAICO), responsible for training, examining, and certifying professionals within the CMMC ecosystem. The CMMC framework is expected to impact over 200,000 global contractors by 2028, including many European organizations. ISACA emphasizes the importance of building a trusted workforce to support cyber resilience and aligns the CMMC framework with European regulatory directions under NIS2 and DORA.

Timeline

17.12.2025 16:05 1 articles · 7h ago

ISACA Appointed as Global Credentialing Authority for DoD CMMC Program
On September 10, 2025, the DoD published its final CMMC rule, which took effect on November 10, 2025. ISACA has been designated as the global credentialing authority for the CMMC program, responsible for training, examining, and certifying professionals. The CMMC framework is expected to impact over 200,000 global contractors by 2028, including many European organizations. ISACA aligns the CMMC framework with European regulatory directions under NIS2 and DORA.
Show sources

ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
Open in new tab

Information Snippets

ISACA has been appointed by the DoD as the global credentialing authority for the CMMC program.
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
The CMMC program requires contractors handling FCI and CUI to implement adequate cybersecurity practices.
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
The final CMMC rule was published on September 10, 2025, and took effect on November 10, 2025.
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
By 2028, all organizations working with the DoD must obtain a CMMC credential delivered by ISACA.
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
ISACA is now the exclusive CMMC Assessor and Instructor Certification Organization (CAICO).
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
The CMMC framework is expected to impact over 200,000 global contractors by 2028.
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05
ISACA aligns the CMMC framework with European regulatory directions under NIS2 and DORA.
First reported: 17.12.2025 16:05

1 source, 1 article
Show sources
- ISACA Named Global Credentialing Authority for DoD’s CMMC Program — www.infosecurity-magazine.com — 17.12.2025 16:05