We assist your organization to align compliance requirements with security objectives.
Malicious cyber actors have targeted and continue to target the Defense Industrial Base (DIB) sector and the supply chain of the Department of Defense (DoD). The DoD has worked with industry to enhance the protection of the following types of unclassified information in the supply chain.
Federal Contract Information (FCI) – FCI is information provided by or generated for the Government under contract not intended for public release.
Controlled Unclassified Information (CUI) – DCSA defines CUI as government created or owned information that requires safeguarding or dissemination controls consistent with applicable laws, regulations and government wide policies. CUI is not classified information. It is not corporate intellectual property unless created for or included in requirements related to a government contract.
The Office of the Under Secretary of Defense for Acquisition and Sustainment has developed the Cybersecurity Maturity Model Certification (CMMC) framework to address these issues.
We assess your current cybersecurity maturity by reviewing existing documentation including current certifications, security plans, IT policies, and procedures, etc.
We assist your organization addressing any gaps in the practices and controls identified in the readiness review.
6 to 12 months prior to your CMMC Audit, we prepare your staff for the audit including interviews and final documentation preparation.