Cybersecurity Maturity Model Certification (CMMC)
ID: EV00000864 • State: Oklahoma
Opportunity Assistant
Loading
Description
Background
The Department of Commerce is seeking potential suppliers to provide Cybersecurity Maturity Model Certification (CMMC) services as part of a phased pilot program aimed at assisting Oklahoma small and medium-sized businesses (SMBs) in understanding, preparing for, and achieving CMMC compliance. This initiative aligns with Department of Defense (DoD) standards and aims to reduce barriers for SMBs in the defense supply chain that currently lack the capacity to meet these rigorous cybersecurity requirements.
Work Details
The contract will involve two levels of services: Level 1 and Level 2.
Level 1 Services include foundational development and provision of training, which involves delivering an on-demand 'CMMC 101' webinar tailored for Oklahoma companies, providing remote and/or in-person instructional sessions on CMMC requirements, developing a Vendor Resource Matrix with qualified vendors, and documenting experience with CMMC and NIST 800-171.
Level 2 Services focus on the development and execution of CMMC assessments. This requires the creation of a Unified CMMC Readiness Checklist aligned with NIST 800-171, facilitating engagement between certified assessors and businesses, and supporting documentation preparation and technical remediation activities. The vendor must also propose a pricing structure that may exclude technical remediation from the flat fee for Level 2 services.
Period of Performance
The services will be provided on an as-needed basis following contract award, with specific timelines for deliverables determined based on program requirements and funding availability.
Place of Performance
The services will primarily be performed in Oklahoma, targeting small and medium-sized businesses within the state's defense supply chain.
Bidder Requirements
Bidders must demonstrate expertise in CMMC/NIST 800-171 compliance, have current credentials as a Registered Provider Organization (RPO) or Certified Third Party Assessment Organization (C3PAO), and possess experience providing CMMC training or support services to DoD contractors. Preference will be given to organizations with an Oklahoma office or those planning to establish one within three months of contract award.
The Department of Commerce is seeking potential suppliers to provide Cybersecurity Maturity Model Certification (CMMC) services as part of a phased pilot program aimed at assisting Oklahoma small and medium-sized businesses (SMBs) in understanding, preparing for, and achieving CMMC compliance. This initiative aligns with Department of Defense (DoD) standards and aims to reduce barriers for SMBs in the defense supply chain that currently lack the capacity to meet these rigorous cybersecurity requirements.
Work Details
The contract will involve two levels of services: Level 1 and Level 2.
Level 1 Services include foundational development and provision of training, which involves delivering an on-demand 'CMMC 101' webinar tailored for Oklahoma companies, providing remote and/or in-person instructional sessions on CMMC requirements, developing a Vendor Resource Matrix with qualified vendors, and documenting experience with CMMC and NIST 800-171.
Level 2 Services focus on the development and execution of CMMC assessments. This requires the creation of a Unified CMMC Readiness Checklist aligned with NIST 800-171, facilitating engagement between certified assessors and businesses, and supporting documentation preparation and technical remediation activities. The vendor must also propose a pricing structure that may exclude technical remediation from the flat fee for Level 2 services.
Period of Performance
The services will be provided on an as-needed basis following contract award, with specific timelines for deliverables determined based on program requirements and funding availability.
Place of Performance
The services will primarily be performed in Oklahoma, targeting small and medium-sized businesses within the state's defense supply chain.
Bidder Requirements
Bidders must demonstrate expertise in CMMC/NIST 800-171 compliance, have current credentials as a Registered Provider Organization (RPO) or Certified Third Party Assessment Organization (C3PAO), and possess experience providing CMMC training or support services to DoD contractors. Preference will be given to organizations with an Oklahoma office or those planning to establish one within three months of contract award.
Loading Map
Loading Map
Overview
Agency
Opportunity ID
EV00000864
Version
1
Response Deadline
April 16, 2026
Past Due
Date Posted
Feb. 18, 2026
Est. Value Range
Experimental
$5,000,000 - $15,000,000
(AI estimate)
Agency Distribution
Moderate
Source
On 2/18/26 Department of Commerce in Oklahoma issued Cybersecurity Maturity Model Certification (CMMC) with ID EV00000864 due 4/16/26.
Contacts
Documents
Posted documents for Cybersecurity Maturity Model Certification (CMMC)
Opportunity Assistant
Additional Details
Event Round
1
Event Version
1