A compromise will not automatically require recertification. The general consensus is that if the organization meets the reporting and notification requirements outlined in the Incident Response domain and there is no negligence, the certification will hold. Issues that may cause the loss of certification include late reporting and poor execution of the system security plan and the security controls.