Are there any insider thoughts on when the Cybersecurity Risk Management Construct guidance will be rolled out?
Started by Charles Farrior · Sep 26, 2025 · 4 replies
- COriginal post
Charles Farrior
Sep 26, 2025 · 8mo ago
This was just announced out of the DoD CIO office yesterday, but the implementation is purportedly 10 November. That is not much time for active and planned solicitations
- M
Mattt
Sep 29, 2025 · 8mo ago
If you are referencing CMMC, it is ridiculous gov’t bureaucracy at its finest. CMMC is centered around protecting CUI. CUI is unclassified information. It is a waste of time and money.
- N
Neil Roberts
Sep 29, 2025 · 8mo ago
@Charles Farrior
See 90 Fed. Reg. 43560 https://www.govinfo.gov/app/details/FR-2025-09-10/2025-17359 effective November 10, 2025
- N
Neil Roberts
Sep 29, 2025 · 8mo ago
Department of War Construct Guidance https://www.war.gov/News/Releases/Release/Article/4314411/department-of-war-announces-new-cybersecurity-risk-management-construct/
@Charles Farrior are you asking if someone has inside info to fill in the dates for the construct elements????
- C
Charles Farrior
Oct 24, 2025 · 7mo ago
@Neil Roberts I think you answered the question. We are going to have to wait for the DoD implementation guidance before we take any action(s).