While discussing CMMC with a co-worker recently, they were under the impression that an organization with a single CAGE code can only have one CMMC assessment/authorization. Meaning, he insisted you can't have multiple systems scoped/assessed separately under one CAGE code, it has to be done all together in scope and sumbitted that way. That doesn't make much sense to me, so thought I'd ask some of you CMMC gurus if you've seen anything in the rule that would provide clarity on this. Thanks!