CMMC 2.0 and Supply Chain Risk: Integrating SBOM Governance Into Defense Contractor Compliance

Visual representation of advanced smart technology and devices, symbolizing the future of the Internet of Things

Author: Gnanendra Reddy, ISO/IEC 27001 LA
Date Published: 6 May 2026
Read Time: 12 minutes

In October 2024, the United States Department of Defense (DoD) finalized the Cybersecurity Maturity Model Certification (CMMC) 2.0 rule...

Members, login to keep reading.

Not a member but want to read more?
Explore ISACA member benefits today.

Additional resources

Certification

ISACA Named New CAICO for DoW CMMC Oversight

ISACA is the new CAICO, trusted by the Department of War to serve as the authority responsible for CMMC training and certification quality across the Defense Industrial Base (DIB).

Blog Post

CMMC Program Provides New Career Pathways for ISACA Members

ISACA's role as CMMC Assessor and Instructor Certification Organization (CAICO) provides ISACA members new cybersecurity career pathways while strengthening ISACA's standing as a leader in developing the global cybersecurity workforce.

5 March 2026

An illustration depicting the transformation of the digital landscape and its impact on modern work methods.

ISACA Journal Article

Commercial Cybersecurity in the Post-Quantum Era: Applying NSA CSfC Principles

Organizations can prepare for a controlled post-quantum transition by adapting CSfC principles to improve cryptographic resilience.

Author: Jim West

CMMC 2.0 and Supply Chain Risk: Integrating SBOM Governance Into Defense Contractor Compliance

Members, login to keep reading.

Not a member but want to read more? Explore ISACA member benefits today.

Additional resources

Not a member but want to read more?
Explore ISACA member benefits today.