ISO 9001:2015 - AS9100D Registered

CMMC & NIST SP800-171 (Cybersecurity)

The Cybersecurity Maturity Model Certification (CMMC) is an assessment framework and assessor certification program designed to increase the trust in measures of compliance to a variety of standards published by the National Institute of Standards & Technology, (NIST).

The purpose of the CMMC is to verify that the information systems used by the contractors of the United States Department of Defense to process, transmit or store sensitive data are compliant with the mandatory information security requirements. The goal is to ensure appropriate protection of controlled unclassified information (CUI) and federal contract information (FCI) that is stored and processed by a vendor.

The framework provides a model for contractors in the Defenses Industrial Base, (DIB), to meet the cyber security requirements from NIST SP800-171, namely protecting Controlled Unclassified Information in Nonfederal Systems and Organizations.

Century Fasteners Corp. – CMMC Status Report

  • CFC has registered a self-assessment in the DoD’s SPRS, (Supplier Performance Risk System).
  • Posted last assessment score 10/25/2023: (Score = 110)
  • Currently anticipating a DoD CMMC Level 2 audit in May or June of 2024.
  • Working against our POAM’s in CFC’s SSP, (System Security Plan).
  • Anticipate completion of the POAM’s, (Plan of Action & Milestones) by May of 2024.
  • Century expects the audit to become official in the fall of 2024 when the CMMC requirements are finalized by the federal government.

For additional information or questions contact:

Rich Monahan
Director of IT