Firm News

Cherry Bekaert Receives CMMC Third-Party Assessment Organization Authorization

calendar iconDecember 6, 2022

Cherry Bekaert (the Firm) is pleased to announce it has been authorized by the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body, Inc. (The Cyber AB) as a CMMC Third-Party Assessment Organization (C3PAO), strengthening the Firm’s ability to deliver comprehensive CMMC services. This designation allows Cherry Bekaert to assess Department of Defense (DoD) contractors under the Joint Surveillance Voluntary Assessments program in partnership with the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC).

“The Firm is excited to receive C3PAO authorization and has a deep understanding of the assessment process having undergone Level 2 assessment as a Firm. Being able to assist DoD contractors seeking CMMC certification with CMMC readiness and DIBCAC Joint Surveillance Voluntary assessments furthers our firm-wide commitment to continue to guide DoD contractors with cybersecurity expertise pertinent to the industry” said Neal Beggan, Cherry Bekaert Risk & Accounting Advisory Partner and CMMC Provisional Assessor trained and certified by The Cyber AB.

Cherry Bekaert is also a CMMC Registered Provider Organization (“RPO”) and provides readiness assessment consulting services to organizations seeking CMMC certification.

“For more than 20 years, we have focused extensively on advising government contractors on compliance and regulatory matters that enhance and address their specific requirements to transform cybersecurity into a competitive advantage. We have been at the forefront of helping companies with NIST 800-171 compliance and more recently CMMC readiness services, and we are pleased to further assist DoD contractors seeking CMMC certification with CMMC Level 2 assessment services,” explained Susan Moser, the Cherry Bekaert’s Government Contracting Industry Leader.

About CMMC and The Cyber AB

CMMC is a unified cybersecurity standard for DoD acquisitions aimed at securing the Defense Industrial Base (DIB) supply chain. This standard was updated in November of 2021 and is now considered “CMMC 2.0”. The CMMC framework consists of three levels and can require an independent third-party certification by an accredited organization.

The Cyber AB, a Maryland-based, nonprofit, 501(c)(3) tax-exempt organization, is the official accreditation body and the sole authorized non-governmental partner of the U.S. Department of Defense in the implementation, accreditation, and oversight of the CMMC Ecosystem.

For more information about Cherry Bekaert’s CMMC services, please visit or contact us at