Dasha Deckwerth

Cybersecurity Maturity Model Certification (CMMC) Provisional Assessor

CONTACT US FOR MORE INFORMATION

START YOUR PREPARATION TODAY​

In the near to medium term, if your organization provides goods or services to the DoD, you’ll be required to obtain CMMC certification to be able to be awarded DoD contracts. When you choose Stealth Group CMMC services, you will be working with a CMMC Provisional Assessor or CMMC Registered Practitioner who have received the official CMMC training and will ensure you get your questions answered. All consulting and assessments are performed based on the CMMC standard, quality and methodology. We are a registered CMMC C3PAO company approved to perform CMMC assessments

KEY FEATURES OF CMMC 2.0

  • Focused on the most critical requirements: Streamlines the model from 5 to 3 compliance levels.
  • Aligned with widely accepted standards: Uses National Institute of Standards and Technology (NIST) cybersecurity standards.
  • Reduced assessment costs: Allows all companies at Level 1 (Foundational), and a subset of companies at Level 2 (Advanced) to demonstrate compliance through self-assessment.
  • Higher accountability: Increases oversight of professional and ethical standards of third-party assessors.
  • Spirit of collaboration: Allows companies, under certain limited circumstances, to make Plans of Action & Milestones (POA&Ms) to achieve certification
  • Added flexibility and speed: Allows waivers to CMMC requirements under certain limited circumstances.

SO WHAT CHANGED FROM CMMC 1.0 TO 2.0?

Plan of Actions and Milestones (POA&Ms)

  • Allows the use of POA&Ms
  • Highest weighted requirements cannot be on POA&M list
  • DoD will establish a minimum score requirement to support certification with POA&Ms

Waivers

  • Applied to entire CMMC requirement, not individual cybersecurity practices
  • Allowed on a very limited basis in select mission critical instances, upon senior leadership approval
  • DoD program office submits a justification package that includes specified timeline and associated risk mitigation plan
  • Timelines imposed on a case-by-case basis to achieve CMMC compliance

Levels

  • 3 increasingly progressive levels:
  • Foundational / Level 1 (same as previous level 1)
  • Advanced / Level 2 (previous level 3)
  • Expert / Level 3 (previous level 5)

Requirements at Each Level

  • Eliminates all maturity processes
  • Eliminates all CMMC unique security practices:
  • Advanced / Level 2 will mirror NIST SP 800-171 (110 security practices)
  • Expert / Level 3 will be based on a subset of NIST SP 800-172 requirements

Receive Consulting/Review by a Certified Provisional Assessor and/or Registered Practitioner:

We will help you identify the gaps to be filled to meet CMMC requirements. This also includes making sure you are ready for the assessment and have all required documentation in place.

Assessment & Gap Analysis:

Using our extensive experience in cybersecurity and CMMC requirements, we will conduct a FCI/CUI assessment and CMMC pre-assessment. We deliver a detailed report and action plan to help you know what you need to do to pass your CMMC audit.

Managed Security Support Plan (SSP) for CMMC Compliance:

Based on the results of the gap analysis, we will build a plan to focus your efforts.

Remediation:

We will help build a plan and close your existing gaps while formalizing your processes, controls and documenting your compliance.

OUR SOLUTION

Our security and CMMC services are designed to support your organization to meet and maintain CMMC requirements

 

We will help you identify the gaps to be filled to meet CMMC requirements. This also includes making sure you are ready for the assessment and have all required documentation in place.

Using our extensive experience in cybersecurity and CMMC requirements, we will conduct a FCI/CUI assessment and CMMC pre-assessment. We deliver a detailed report and action plan to help you know what you need to do to pass your CMMC audit.

 

Based on the results of the gap analysis, we will build a plan to focus your efforts.

 

We will help build a plan and close your existing gaps while formalizing your processes, controls and documenting your compliance.

 
Powered by Top Rated Local®
Powered by Top Rated Local®