Risk & Compliance

We assist your organization to align compliance requirements with security objectives.

Malicious cyber actors have targeted and continue to target the Defense Industrial Base (DIB) sector and the supply chain of the Department of Defense (DoD).  The DoD has worked with industry to enhance the protection of the following types of unclassified information in the supply chain.

Federal Contract Information (FCI) – FCI is information provided by or generated for the Government under contract not intended for public release.

Controlled Unclassified Information (CUI) – DCSA defines CUI as government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies.  CUI is not classified information. It is not corporate intellectual property unless created for or included in requirements related to a government contract.

The Office of the Under Secretary of Defense for Acquisition and Sustainment has developed the Cybersecurity Maturity Model Certification (CMMC) framework to address these issues.  

Accordion Content
Accordion Content
Accordion Content
Accordion Content
Accordion Content
Accordion Content
Accordion Content
Accordion Content