The Cybersecurity Capability Maturity Model (C2M2) program is intended to aid organizations of all types evaluate and make improvements to their cybersecurity programs. The model focuses on the implementation and management of cybersecurity practices associated with the information technology (IT) and operational technology (OT) assets and the environments in which they operate. This FAQ document is intended to provide helpful information on the C2M2 program within the US Department of Energy.

For more information about how OE is enhancing the security and reliability of the nation's electric grid and reducing the risk of energy disruptions due to cyber attack, visit the Cybersecurity page.