Operations and IT Management asked: “We just received a letter from our supplier noting we must become CMMC compliant. Can you help?

Context

  • Received letter from key customer regarding compliance to CMMC to continue contract work
  • Realized multi-million dollar contracts at risk
  • Needed a team that had the knowledge of DoD requirements and history

Our Approach

  • Assisted in understanding the self-assessment technical requirements and options and timing to achieve compliance
  • Performed NIST 800-171 readiness assessment and assist in creating the System Security Plan (SSP) and POA&M
  • Provided consulting and recommendations as manufacturer implement Plan of Action & Milestone (POA&M)
  • Assisted in sharing best practices around procedure/policy development

Customer Impact

  • Completed self-assessment and entered score and date of committed compliance into Supplier Performance Risk System (SPRS)
  • Performed a full NIST 800-171 readiness assessment; Develop SSP and POA&M
  • Executing on actions outlined in the POA&M to achieve compliance – includes technical solutions, as well as the development of missing policies and procedures

We Can Help

For more information on this and other topics, contact a member of our team.

The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.