Cybersecurity Maturity Model Certification (CMMC) Compliance
The new compliance requirement for defense contractors
The CMMC sets new data security requirements for all 300,000+ contractors working with the US Department of Defense.
The CMMC’s five levels replace the three that existed under the previous DFARS/NIST regulations. Depending on the sensitivity of the data you handle, you will need to meet one of the five levels of cybersecurity preparedness to bid on a DoD request for proposal.
The Definitive Guide to CMMC Compliance
If you’re concerned about CMMC, we’ve put together everything you need to know
Who needs to be
compliant?
All businesses bidding on DoD contracts are required to have the CMMC. The requirements also apply to subcontractors in the bidder’s supply chain.
CMMC requires certification by a third-party assessor – self-certification is no longer an option. The certification process began in late 2020.
If defense contracts are important to your business and you are worried about meeting the new requirements, we are here to help!
What level of CMMC do you need?
Level 1
- Basic Cyber Hygiene
- Safeguarding Federal Contract Information (FCI)
- 17 security controls
Level 2
- Intermediate Cyber Hygiene
- Transitional step progression to protect CUI
- 46 additional security controls
Level 3
- Good Cyber Hygiene
- Protection of CUI
- 47 more security controls
- Equivalent to the 110 controls in NIST SP 800-171
Level 4
- Proactive
- Protection of CUI and risk of Advanced Persistent Threats (APTs)
- 26 more controls in addition to NIST 800-171
Level 5
- Advanced
- Protection of CUI and risk of Advanced Persistent Threats (APTs)
- 30 more controls in addition to NIST 800-171
Achieve CMMC compliance with
our simple 3-step process:
Gap Assessment
Before the CMMC audit, there is an important step you should take to ensure you meet the requirements. Known as a Gap Assessment, it identifies the weaknesses in your business’s security posture and recommends ways to strengthen them.
We can help make sure you’re compliant so you can bid on the contracts that are critical to your business.
Whichever level you are trying to achieve, the Gap Assessment should be performed so there are no surprises come audit time.
Let us assess all the gaps in your cybersecurity posture and deliver a plan to remediate them so you can achieve CMMC certification.
Enlist our CMMC Services
Backup and Disaster Recovery
Backup and Disaster Recovery
Dark Web Monitoring
Dark Web Monitoring
Endpoint Encryption
Endpoint Encryption
External Vulnerability Scanning
External Vulnerability Scanning
Security Awareness Training
Security Awareness Training
SIEM
SIEM
CMMC Audit Assistance
Preparing for your new CMMC audit will be confusing, and we are here to help.
Charles IT will guide you through the process by recommending CMMC auditors and then acting on your behalf to produce the evidence needed to prove your security posture and effectiveness of controls.
Do not let this process distract you from what you do best: running your business. Let Charles IT step in and help you on the path to CMMC certification!
What results to expect
Once we start working with clients to achieve their CMMC compliance, we’ve seen them enjoy…
- Confidence in passing their CMMC audit
- Ability to bid successfully for RFPs
- Increased stakeholder trust from their CMMC status
- Peace of mind that they are secure and CMMC-compliant
Don't just take our word for it
It’s always a great feeling when you know that someone has your back. Thanks for the fast response time and professional service, Matt!
Charles IT are ALWAYS so responsive and helpful. Truly the best!
Charles IT are always thinking of everything we’re not. They listen to our needs and they don’t just point out problems, they have solutions.
