A Conformity Assessment Readiness Review (CARR) means a 3rd party organization conducts the testing or evaluation of a limited set of a non-Federal organization’s security controls to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the NIST SP 800-171 and Federal Agency specified security requirements for CMMC Level 2 and NIST SP 800-172 for CMMC Level 3 for the non-Federal organization’s information system. The results of a CARR are not reported to DoD and are used as a milestone decision point prior to entering into the full-scope Certification Assessment.
Social Contact