Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · National Defense Authorization Act for Fiscal Year 2022 · Sec. 1533

Sec. 1533. REPORT ON THE CYBERSECURITY MATURITY MODEL CERTIFICATION PROGRAM

323 words·~1 min read·/statute-compilations/comps-16861/sec-1533

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 1533 REPORT ON THE CYBERSECURITY MATURITY MODEL CERTIFICATION PROGRAM ###
(a)Report Required Not later than 90 days after the date of the enactment of this Act, the Secretary of Defense shall submit to the Committee on Armed Services of the Senate and the Committee on Armed Services of the House of Representatives a report on the plans and recommendations of the Secretary for the Cyber Maturity Model Certification program. ###
(b)Contents The report submitted under subsection
(a)shall include the following: ####
(1)The programmatic changes required in the Cyber Maturity Model Certification program to address the plans and recommendations of the Secretary of Defense referred to in such subsection. ####
(2)The strategy of the Secretary for rulemaking for such program and the process for the Cybersecurity Maturity Model Certification rule. ####
(3)The budget and resources required to support such program. ####
(4)A plan for communication and coordination with the defense industrial base regarding such program. ####
(5)The coordination needed within the Department of Defense and between Federal agencies for such program. ####
(6)The applicability of such program requirements to universities and academic partners of the Department. ####
(7)A plan for communication and coordination with such universities and academic partners regarding such program. ####
(8)Plans and explicit public announcement of processes for reimbursement of cybersecurity compliance expenses for small and non-traditional businesses in the defense industrial base. ####
(9)Plans for ensuring that persons seeking a Department contract for the first time are not required to expend funds to acquire cybersecurity capabilities and a certification required to perform under a contract as a precondition for bidding on such a contract without reimbursement in the event that such persons do not receive a contract award. ####
(10)Clarification of roles and responsibilities of prime contractors for assisting and managing cybersecurity performance of subcontractors. ####
(11)Such additional matters as the Secretary considers appropriate.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.