Glossary
Does your head spin with all the acronyms and terminology within the CMMC ecosystem?
We've put together a glossary page to help you!
CMMC Ecosystem Glossary
32CFR – the principal set of rules and regulations issued by federal agencies of the United States regarding national defense
C3PAO – CMMC Third Party Assessment Organization
CCA – Certified CMMC Assessor
CCP – Certified CMMC Professional
CMMC – Cybersecurity Maturity Model Certification
CSP – Cloud Service Provider
CUI – Controlled Unclassified Information
DCMA – Defense Contract Management Agency
DFAR – Defense Federal Acquisition Regulation
DFARS – Defense Federal Acquisition Regulation Supplement
DIBCAC – DoD Industrial Base Cybersecurity Assessment Center
DoD – Department of Defense
ESP – External Service Provider
FAR – Federal Acquisition Regulation
FCI – Federal Contract Information
FedRAMP – Federal Risk and Authorization Management Program
ISO 17020 – a conformity assessment that includes requirements for the operation of various types of bodies performing inspections and risk assessments
JSVA – Joint Surveillance Voluntary Assessment
MSP – Managed Service Provider
MSSP – Managed Security Service Provider
OSC – Organization Seeking Certification
POA&Ms – Plans of Action and Milestones
RP – Registered Practitioner
RPA – Registered Practitioner Advanced
RPO – Registered Practitioner Organization
SPRS – Supplier Performance Risk System
SSP – System Security Plan