CMMC

The CMMC Program

A blue and white badge with the words cybersecurity maturity model certification.

To protect American ingenuity and national security information, the Department of Defense (DoD) developed the Cybersecurity Maturity Model Certification (CMMC) 2.0 program to reinforce the importance of Defense Industrial Base (DIB) cybersecurity for safeguarding the information that supports and enables our warfighters.

Once CMMC 2.0 is implemented, contractors will be required to obtain a third-party CMMC Level 2 assessment for a subset of acquisitions that involve information critical to national security. DIB companies will be fully responsible for obtaining the needed assessment and certification, to include coordinating and planning the CMMC assessment.

CMMC Certification Services

A badge that says authorized c 3 pao

The DoD has approved voluntary NIST SP 800-171 (CMMC level 2) assessments through the Joint Surveillance Voluntary Assessment Program.

As an Authorized CMMC 3rd Party Assessment Organization (C3PAO), Cybersec Investments is authorized to conduct NIST SP 800-171 (CMMC Level 2) assessments through the DoD’s Joint Surveillance Voluntary Assessment Program (JSVA). 

To learn more about DoD’s Joint Surveillance Voluntary Assessment Program (JSVA), watch this video.

We also offer 3rd Party Letters of Attestation for both FAR 52.204-21 and NIST SP 800-171**

CMMC Readiness Review

Not sure if you are ready for your CMMC assessment? Let us evaluate your organization prior to your CMMC assessment.

CMMC Advisory Services

A badge that says certified cmmc professional

Our team can help your organization get ready for your FAR 52.204-21 (CMMC Level 1) or NIST SP 800-171 (CMMC Level 2) Assessment.  We offer the following services: 

  • Gap assessment – Evaluating your current state of DFARS 252.204-7012 and NIST SP 800-171 (CMMC Level 2) requirements.
  • Remediation Planning – Assistance in resolving identified existing gaps.
  • Documentation – Assistance with developing policies, procedures, plans, etc. as part of your DFARS 252.204-7012 and NIST SP 800-171 (CMMC Level 2) compliance journey.

**Assessments of conformity to the NIST SP 800-171 standard by CMMC Third-Party Assessment Organizations (C3PAOs) do not convey any reciprocity or advanced standing with the U.S. Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) initiative, nor will they result in a certification recognized by DoD or the CMMC Accreditation Body, Inc.