Are You Ready for CMMC?
The Cybersecurity Maturity Model Certification (“CMMC”) is a unified cybersecurity standard for Department of Defense (“DoD”) acquisitions, aimed at securing the Defense Industrial Base (“DIB”) supply chain. This standard is required for all defense contractors and subcontractors wishing to do business with the DoD.
The CMMC framework consists of five levels and requires an independent third-party certification by an accredited organization.
|
LEVEL 1 Basic safeguarding of Federal Contract Information (“FCI”) |
LEVEL 2 Transition step to protect Controlled Unclassified Information (“CUI”) |
LEVEL 3 Protecting CUI |
LEVEL 4-5 Protecting CUI and reducing risk of Advanced Persistent Threats (“APT”) |
Cherry Bekaert’s CMMC Certifications
How Cherry Bekaert Can Help
As a CMMC Registered Practitioner Organization (“RPO”), Cherry Bekaert helps Organizations Seeking Certification (“OSC”) navigate the CMMC, as well as related DFARS and NIST certifications, to prepare for a CMMC assessment by way of:
|
Certification Level Identification & Consultation |
System Boundary Determination |
Assessment Approach Considerations (entity-level vs enclave vs hybrid) |
|
Control Definition & Design |
Documentation Development |
Mapping to Existing Frameworks such as NIST 800-53/171 (FedRAMP, FISMA, DFARS 7012), ISO 27001/2, SOC 2, PCI, HITRUST and Others |
|
Gap Analysis |
Remediation Design & Verification |
CMMC Assessments for Certification |
As a Certified 3rd Party Assessment Organization (“C3PAO”), Cherry Bekaert can complete assessments for certification for CMMC Maturity Levels 1 – 3.