In mid-2019, the Depart of Defense (DoD) announced it would unify a cybersecurity framework and certification program to standardize cybersecurity protocols across the defense industrial base (DIB). The DIB includes a worldwide network of companies that provides products and services that are essential to mobilize, deploy, and sustain military operations. On January 31, 2020, the DoD released the Cybersecurity Maturity model Certification (CMMC) version 1.0.
By September 2020, all DoD contractors and sub-contractors will need to be certified to bid on requests for proposals. CMMC is not optional. The program is designed to force companies doing business with the US Government to comply to a standard baseline of cybersecurity controls.
Elevate specializes in cybersecurity compliance controls and documentation. We are your trusted CMMC partner to assist you with your readiness to be certified.
Our solution is:
Our CMMC framework brings together all the previously discrete compliance processes into one unified framework, including:
- FAR 52.204-21
- NIST 800-171 rev2
- NIST 800-171B
- NIST 800-53 rev4
- CERT RMM v1.2
- ISO 27002
- NIST Cybersecurity Framework
- CIS Critical Security Controls v7.1
- Secure Controls Framework (SCF)
How to Prepare for a CMMC Audit
We have eliminated the mystery and complexity of all these frameworks by working with your management to build a customized requirements matrix that captures the right level of CMMC compliance based on your CMMC requirements. We understand that no two contracts are alike as well as varying ways in which sub-contractors can be used. We will guide your team through the CMMC tiered model that addresses every business in DIB, from the fortune 500 companies down to small sub-contractor agreements.
The following illustrates the 5 CMMC levels and their specific set of controls for each level that will be in scope for a CMMC audit. Each level of CMMC maturity has increasing expectations:
At the core of the governing framework is clean, simple, and up-to-date documentation. Our deep expertise in documenting, designing, advising, and auditing IT Compliance, Data Privacy, and Cybersecurity controls will ensure you obtain the right level of CMMC certification for your government contracts.