Military Humvee

CMMC Assessment Service:

DoD Audit Preparation

Audit Readiness in 3 Simple Steps

1. Assessment/SSP/POAM

We perform a detailed assessment of your current network and compare this with the cybersecurity controls required in NIST SP 800-171. We then prepare an SSP so that you can provide documented evidence to your Prime that you’re on your way towards compliance. This step then serves as the basis for creation of the remediation plan

2. Remediation

In this step the items called out in the POAM need to be addressed. Depending on the current state of your IT systems, this can be as simple as implementing multi-factor authentication and security awareness training or as complex as refreshing an entire aging infrastructure.

3. Compliance Monitoring & Maintenance

Ongoing advanced cybersecurity monitoring and incident response capabilities are required to remain compliant. If a cyber incident occurs you must notify the DoD through the DIBNet Portal within 72 hours. You must also constantly assess and maintain the NIST 800-171 controls over time as systems change and fall out of alignment.