Federal Contract Information (FCI)

CMMC - What is Federal Contract Information (FCI)?

Learn what Federal Contract Information (FCI) is and how it relates to CMMC.

Join our newsletter:

What is FCI?

Official definition: “Federal contract information means information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government, but not including information provided by the Government to the public (such as on public Web sites) or simple transactional information, such as necessary to process payments.”

The Relation between CMMC and FCI

Contractors that have FCI on their systems are expected to protect them at either CMMC level one or two. Always check your contract to confirm your own CMMC requirements. CMMC level one matches up to the security controls required by FAR 52.204-21. If your company has already implemented those controls then you are well positioned for CMMC.
 

Quick & Simple

Discover Our Cybersecurity Compliance Solutions:

Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you

 NIST SP 800-171 & CMMC Compliance App

NIST SP 800-171 & CMMC Compliance

Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
 HIPAA Compliance App

HIPAA Compliance

Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
 FAR 52.204-21 Compliance App

FAR 52.204-21 Compliance

Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
 ISO 27001 Compliance App

ISO 27001 Compliance

Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.