Keiter Technologies: ITAR Impacts CMMC’s FedRAMP Requirements

By Keiter CPAs

Keiter Technologies: ITAR Impacts CMMC’s FedRAMP Requirements

Examining the bridge between CMMC and ITAR requirements

As part of a series of articles about CMMC Level 1 Practices, the Keiter Technology team discusses the bridge between Cybersecurity Maturity Model Certification (CMMC) and International Traffic in Arms Regulations (ITAR), offering their insights into what Department of Defense (DoD) contractors should consider.

CMMC is a cybersecurity requirement from the DoD aimed at protecting Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). CMMC requirements vary by the type of information handled: Level 1 for FCI, and Levels 2 or 3 for CUI. These level 2 and 3 requirements apply to the Organization Seeking Assessment (OSA) as well as their External Service Providers (ESPs), like Cloud Service Providers (CSPs).

CMMC Proposed Rule requires that CSPs be, at least, FedRAMP Moderate Authorized or Equivalent. This limits the population of CSPs to those listed in the FedRAMP Marketplace and those which have received a separate Equivalency determination in accordance with the DoD CIO’s memorandum.

To learn more about the impact this Rule may have on you as a contractor, read the full article here:

If you want to learn more about CMMC, Keiter’s team of cybersecurity specialists can help you. Email | Call: 804.747.0000.


Share this Insight:

About the Author

Keiter CPAs

Keiter CPAs

Keiter CPAs is a certified public accounting firm serving the audittax, accounting and consulting needs of businesses and their owners located in Richmond and across Virginia. We focus on serving emerging growth businesses and companies in the financial servicesconstructionreal estatemanufacturingretail & distribution industries and nonprofits. We also provide business valuations and forensic accounting servicesfamily office services, and inbound international services.

More Insights from Keiter CPAs

The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.


Contact Us