Skip to content
Cybersecurity Maturity Model Certification (CMMC) Compliance
CMMC 2.0 Compliance
The CMMC 2.0 sets new data security requirements for all 300,000+ contractors working with the US Department of Defense.
The three CMMC 2.0 levels replace the five that existed under CMMC 1.0 regulations. Depending on the sensitivity of the data you handle, you'll need to meet one of the three levels of cybersecurity preparedness to bid on a DoD request for proposal.
The Definitive Guide to CMMC Compliance
If you’re concerned about CMMC, we’ve put together everything you need to know
Who needs to be CMMC
compliant?
All businesses bidding on DoD contracts are required to have CMMC 2.0. The requirements also apply to subcontractors in the bidder’s supply chain.
CMMC 2.0 requires certification by a third-party assessor for levels two and three, while self-certification is now an option for level one.
The DoD officially published the final rule for CMMC 2.0 on October 15 and it is set to take effect on December 16. This rule aims to ensure that defense contractors meet strict cybersecurity standards for handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).
If defense contracts are important to your business and you are worried about meeting the new requirements, we are here to help!
What level of CMMC do you need?
Level 1
- Foundational
- Safeguarding Federal Contract Information (FCI)
- 17 security controls
- Annual Self-Assessment
Level 2
- Advanced
- Protection of CUI
- Aligned with the 110 controls in NIST SP 800-171
- Triennial third-party assessments for critical information; Annual self-assessment for select programs
Level 3
- Expert
- Protection of CUI and risk of Advanced Persistent Threats (APTs)
- 100+ practices based on NIST SP 800-172
- Triennial government-led assessments
Achieve CMMC compliance with
our simple 3-step process:
Gap Assessment
Before the CMMC audit, there is an important step you should take to ensure you meet the requirements. Known as a Gap Assessment, it identifies the weaknesses in your business’s security posture and recommends ways to strengthen them.
We can help make sure you’re compliant so you can bid on the contracts that are critical to your business.
Whichever level you are trying to achieve, the Gap Assessment should be performed so there are no surprises come audit time.
Let us assess all the gaps in your cybersecurity posture and deliver a plan to remediate them so you can achieve CMMC certification.
Enlist Necessary CMMC Services
Backup and Disaster Recovery
Backup and Disaster Recovery
Dark Web Monitoring
Dark Web Monitoring
Endpoint Encryption
Endpoint Encryption
External Vulnerability Scanning
External Vulnerability Scanning
Security Awareness Training
Security Awareness Training
SIEM
SIEM
CMMC Audit Assistance
Preparing for your new CMMC audit will be confusing, and we are here to help.
Charles IT will guide you through the process by recommending CMMC auditors and then acting on your behalf to produce the evidence needed to prove your security posture and effectiveness of controls.
Do not let this process distract you from what you do best: running your business. Let Charles IT step in and help you on the path to CMMC certification!
What results to expect
Once we start working with clients to achieve their CMMC compliance, we’ve seen them enjoy…
- Confidence in passing their CMMC audit
- Ability to bid successfully for RFPs
- Increased stakeholder trust from their CMMC status
- Peace of mind that they are secure and CMMC-compliant
Don't just take our word for it
It’s always a great feeling when you know that someone has your back. Thanks for the fast response time and professional service, Matt!
Charles IT are ALWAYS so responsive and helpful. Truly the best!
Charles IT are always thinking of everything we’re not. They listen to our needs and they don’t just point out problems, they have solutions.
