In September, DoD finalized the CMMC Program, along with the accompanying contract clauses, with an effective date of Nov. 10, 2025. As we discussed in previous GT Alerts, defense contractors will be expected to conduct self-assessments or third party assessments in accordance with requirements in NIST SP 800-171 and NIST SP 800-172. A key element of those assessments will be the SSP, which is a required document under NIST SP 800-171 rev. 2, control 3.12.4, and is one of the first review items in a Level 2 pre-assessment. Critically, recent reports from third-party assessors estimate that 25% of the companies seeking certification have experienced false starts due to a failed pre-assessment, meaning they were unable to validate the contractors’ readiness to advance to the actual assessment.

Click here to read the full GT Alert.

Tags: government contracts, GT Insight
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Eleanor M. Ross Eleanor M. Ross

Eleanor (Elle) Ross advises government contractors from a diverse range of industries on regulatory matters including compliance with government regulations, contract disputes, defense of claims, and government investigations. She litigates bid protests before the Court of Federal Claims and the Government Accountability Office.

Eleanor (Elle) Ross advises government contractors from a diverse range of industries on regulatory matters including compliance with government regulations, contract disputes, defense of claims, and government investigations. She litigates bid protests before the Court of Federal Claims and the Government Accountability Office. She advises clients in connection with an array of agreements and multi-award procurements, including challenging award decisions in a variety of fora.

Elle also counsels clients on federal and state compliance obligations, particularly in connection with cybersecurity (including CMMC and NIST requirements) and supply chain risk management practices. She works with clients to understand government regulations and to develop compliance plans and to implement those plans. She also assists with making mandatory and voluntary disclosures to federal agencies and represented clients in subsequent investigations and administrative proceedings. She manages sanctions proceedings against contractors, including cases alleging fraud and corruption.

Elle also represents clients in commercial contract disputes, both in mediation and in federal court.

Previously, Ms. Ross was a legal consultant to World Bank Office of Suspension and Debarment, where she reviewed cross-border investigations to determine contractor compliance with World Bank regulations.

Read more about Eleanor M. RossEleanor M.'s Linkedin Profile
Show more Show less
Photo of Cassidy Kim Cassidy Kim

Cassidy Kim focuses her practice on government contracts and procurement matters. Cassidy also advises clients on cybersecurity and privacy compliance issues. She has worked with clients operating in an array of industries to navigate these sectors of the law, including providers of critical…

Cassidy Kim focuses her practice on government contracts and procurement matters. Cassidy also advises clients on cybersecurity and privacy compliance issues. She has worked with clients operating in an array of industries to navigate these sectors of the law, including providers of critical government infrastructure solutions, enterprise cloud services, EdTech, and autonomous defense systems.

Cassidy advises clients on litigating bid protests and claims involving state and federal level government procurements, including before the Government Accountability Office, U.S. Court of Federal Claims, and the California Department of General Services. She also provides industry-specific counsel on the CCPA/CPRA, GDPR, NIST, and related privacy and cybersecurity matters. Cassidy has developed consumer-facing privacy disclosures, B2B data transfer agreements, and employee compliance procedures. She has also led strategy on responses to regulatory actions and advised on supply chain risk management practices.

Prior to Greenberg Traurig, Cassidy worked as counsel at the Federal Reserve Bank of San Francisco, where she managed negotiations and provided strategic advice on San Francisco Fed and other Federal Reserve System contracts and procurement efforts across core business groups.

Read more about Cassidy Kim
Show more Show less
Photo of Olivia Bellini Olivia Bellini

Olivia Bellini is a member of the Government Contracts Practice in Greenberg Traurig’s Northern Virginia office. She litigates pre-award and post-award bid protests before the Government Accountability Office and the Court of Federal Claims. She also assists in representations involving contracts disputes, and…

Olivia Bellini is a member of the Government Contracts Practice in Greenberg Traurig’s Northern Virginia office. She litigates pre-award and post-award bid protests before the Government Accountability Office and the Court of Federal Claims. She also assists in representations involving contracts disputes, and suspensions and debarments against federal agencies.

Olivia's Linkedin Profile
Show more Show less
Related Posts
abstract
Recapping CMMC Level 3: Considerations for Government Contractors
October 16, 2025
shutterstock_273128801
Recapping CMMC Level 2: Considerations for Government Contractors
October 13, 2025
Cyber Image
Recapping CMMC Level 1: Considerations for Government Contractors
October 9, 2025