The Defense Information Systems Agency needs a few more months to issue a final request for proposal on its $11.7 billion Defense Enclaves Services IT contract. it planned to publish the RFP by September, but now it says – without explanation – that it will release it in the first quarter of fiscal 2021. The contract will consolidate the IT networks of the non-warfighting agencies that support DoD.
The final RFP will also not include previously anticipated criteria for the Cybersecurity Maturity Model Certification, since the standards for the program are still in development. Initially, DISA included requirements for levels three and four of CMMC, but so far there are only a few dozen provisionally accredited assessors, making it difficult for companies to earn a fully credentialed CMMC assessment.
