Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · STATUTE-COMPILATIONS · National Defense Authorization Act for Fiscal Year 2022 · Sec. 866

Sec. 866. REPORT ON CYBERSECURITY MATURITY MODEL CERTIFICATION EFFECTS ON SMALL BUSINESS

296 words·~1 min read·/statute-compilations/comps-16861/sec-866

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

## SEC. 866 REPORT ON CYBERSECURITY MATURITY MODEL CERTIFICATION EFFECTS ON SMALL BUSINESS Not later than 180 days after the date of the enactment of this Act, the Secretary of Defense shall submit to the congressional defense committees, the Committee on Small Business and Entrepreneurship of the Senate, and the Committee on Small Business of the House of Representatives a report on the effects of the Cybersecurity Maturity Model Certification framework of the Department of Defense on small business concerns (as defined under section 3 of the Small Business Act (15 U.S.C. 632), including— ####
(1)the estimated costs of complying with each level of the framework based on verified representative samples of actual costs of compliance small business concerns and an explanation of how these costs will be recoverable by such small business concerns; ####
(2)the estimated change in the number of small business concerns that are part of the defense industrial base resulting from the implementation and use of the framework; ####
(3)explanations of how the Department of Defense will— #####
(A)mitigate negative effects to such small business concerns resulting from the implementation and use of the framework; #####
(B)ensure small business concerns are trained on the requirements for passing a third-party assessment, self-assessment, or Government-assessment, as applicable, for compliance with the relevant level of the framework; and #####
(C)work with small business concerns and nontraditional defense contractors (as defined under section 2302 of title 10, United States Code) to enable such concerns and contractors to bid on and win contracts with the Department without first having to risk funds on costly security certifications; and ####
(4)the plan of the Department for conducting oversight of third parties conducting assessments of compliance with the applicable protocols under the framework.
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 866
REPORT ON CYBERSECURITY MATURITY MODEL CERTIFICATION EFFECTS ON SMALL BUSINESS
U.S.C.§ 632
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.