What is the Cybersecurity Maturity Model Certification (CMMC)?

Building upon the NIST SP 800-171 DoD Assessment Methodology, the CMMC framework adds a comprehensive and scalable certification element to verify the implementation of processes and practices associated with the achievement of a cybersecurity maturity level. CMMC is designed to provide increased assurance to the Department that a DIB contractor can adequately protect sensitive unclassified information such as Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) at a level commensurate with the risk, accounting for information flow down to its subcontractors in a multi-tier supply chain.

How We Help You Achieve CMMC Compliance

1

Readiness Review

We will ensure your organization meets compliance requirements to successfully undergo your CMMC Assessment.

2

Pre-Assessments

We will perform a mock control assessment to determine your current organizational gaps in meeting the CMMC requirements.

3

POA&M Remediation

We will help you remediate your existing plans of action & milestones to ensure your organization meets compliance requirements to successfully undergo your CMMC Assessment.

Our Credentials

RPO Registered.png
Registered Provider Organization (RPO)

Diligent is an authorized RPO in the CMMC ecosystem providing advice, consulting, and recommendations.

We also on staff, authorized Registered Practitioners (RP) who deliver advisory services on the CMMC standard.

C3PAO Badge - Candidate_clr.png
Third-Party Assessor Organization (C3PAO)

Diligent is a C3PAO Candidate, authorized to manage CMMC assessments.

We also on staff, Certified CMMC Professional (CCP) and Certified CMMC Assessor (CCA) Candidates, authorized to conduct CMMC assessments.

Readiness Review Methodology

scope-01.png
Scope Review

Our team meet with you to discuss and identify the information security system that are in-scope of CMMC. 

polocies-01.png
Policy and Procedure Review

Our team will review your existing Policy and Procedure documents, and provide feedback.

SSP-01.png
System Security Plan Review

Our team will review your existing System Security Plan, and provide feedback.

Pre-Assessment Methodology

Interviews & Document Review

Our team assesses the effectiveness of the information security controls protecting your in-scope infrastructure. 

Findings

Our team will present all relevant discoveries and finding to the appropriate organization stakeholders.

Recommendations and Remediation

Our team will deliver our recommendations for remediation.

POA&M Remediation Methodology

Recommendations and Remediation

Our team will review your existing plan of action & milestones for remediation.

POAMs-01.png
POA&M Remediation

Our team will help you put together a plan to remediate existing POA&Ms.

SSP-01.png
Update System Security Plan

Our team will help you update your System Security Plan to reflect the remediated POA&Ms.

Ready to discuss your cybersecurity challenges?