Board Criteria

  • Board members self-nominate
  • Board chairman will select Directors, who are then approved by the board
  • No more than 1 Director from any single organization 
  • US Citizen
  • Non-felon, must be able to obtain clearance
  • Director terms are staggered from 1-3 years
  • May not work for a company planning to perform CMMC assessments
  • Any Director may serve no more than two 3 year terms and partial terms
  • Personal commitment to protecting the United States through improved cybersecurity
  • 40+ hours of time per month on average during the first year
  • Monthly board meetings 
  • Frequent Committee meetings
  • DoD Supply Chain Community leadership through board committees and advisory councils
  • Minimum of two in-person meetings per year in the DC area (travel expenses reimbursed)
The CMMC-AB is accountable for delivering:
  1. The assessments for 300,000+ companies in the DoD supply chain
  2. Training for assessors and C3PAOs (Certified 3rd Party Assessor Organizations)
  3. Infrastructure to support its mission
  4. Accreditation of organizations and assessors participating in the process
  5. Adjudication of any protests or issues that develop with individual contractors or audits
  6. Forward-thinking innovation to automate and improve the cybersecurity defensive posture of the supply chain
Board Ethics

Site Improvements? webmaster@cmmcab.org
© 2020 CMMC (Cybersecurity Maturity Model Certification) Accreditation Body