Federal Contract Information (FCI), as outlined in Federal Aquisition Regulation (FAR) 52.204-21 Basic Safeguarding of Covered Contractor Information Systems, is “information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government, but not including information provided by the Government to the public (such as on public websites) or simple transactional information, such as necessary to process payments.”

How does this pertain to the Cybersecurity Maturity Model Certification (CMMC)?

Defense contractors, or subcontractors, that will process, store, or transmit FCI on the contractor or subcontractor information systems will be required to implement CMMC Level 1.

This includes new solicitations, contracts, task orders, and delivery orders.

It will also be in effect when option periods are exercised.

Federal Aquisition Regulation (FAR) 52.204-21 Basic Safeguarding of Covered Contractor Information Systems outlines the 15 basic safeguard requirements that contractors or subcontractors must meet to be in compliance with CMMC Level 1.

Cyber Maturity Consulting, LLC provides CMMC Level 1 (FCI) Consulting services to help you meet these requirements. Reach out to us today!