The Cybersecurity Maturity Model Certification (CMMC) is a new framework with the objective of securing federal contract information (FCI) and controlled unclassified information (CUI) that is stored, processed, or transmitted by defense contractors and the entire defense industrial base (DIB). CMMC builds on the existing NIST SP 800-171 requirements and additionally requires assessment by certified third-party assessment organizations (C3PAOs).
“We are excited to participate in CMMC assessments when they launch in late 2020 / early 2021 as many of our clients also participate as defense contractors and subcontractors that are subject to DFARS and the associated requirements.”
Being an accredited FedRAMP 3PAO and having significant experience with the largest subservice organizations providing services to the federal government, our team has the experience needed in providing NIST assessments for the broader Defense Industrial Base (DIB).
Schellman was one of the first C3PAOs approved by the CMMC Accreditation Body due to our experience performing FedRAMP Assessments for Civilian and DoD Environments.
Our Schellman teams have experience performing thousands of assessments for organizations providing services to the federal government.
We're here to answer any questions.