CMMC Certification | Â鶹AV Group

Â鶹AV

Call
Ask an Expert
Tel: +1-281-673-2800
Find an Office
Email
Email Us

CMMC Certification

CMMC Certification - Authorized C3PAO


Cybersecurity Maturity Model Certification

Cybersecurity Maturity Model Certification

Are you currently working with or planning to work within the Department of Defense (DoD) supply chain?

Stand out and get ahead by becoming an Early Adopter of the Cybersecurity Maturity Model Certification (CMMC).

Get Started

Protecting the United States from Cyber Threats

The threat of cyber attacks keeps consumers, CEOs and Boards of Directors awake at night. Furthermore, organizations that support government entities, like the Department of Defense (DoD), remain at high-risk as the valuable information they create, process or store can jeopardize the safety and security of the U.S. in the hands of foreign adversaries, hacktivists, organized crime and other threat actors. To mitigate these risks, the DoD is requiring all suppliers that implement cybersecurity measures to be in compliance with CMMC practices.

What is the Cybersecurity Maturity Model Certification (CMMC)?

Developed by the DoD, the Cybersecurity Maturity Model Certification (CMMC) is a program to ensure that all Defense Industrial Base (DIB) contractors meet cybersecurity requirements for handling controlled unclassified information (CUI) and federal contract information (FCI). While rulemaking is still being finalized, it is important now more than ever to become an Early Adopter by considering Â鶹AV Quality Evaluations, Inc. (Â鶹AV QE) as your Certified Third-Party Assessment Organization (C3PAO).

What's Next? Partner With a Trusted C3PAO

Â鶹AV QE is ready to help your organization meet CMMC 2.0 requirements. With over 30 years of experience providing globally accredited business assurance services, Â鶹AV QE is one of the first companies to be certified as a C3PAO authorized by the CMMC Accreditation Body (Cyber AB). As a C3PAO and Licensed Training Provider (LTP), we provide assessments and programs that support organizations like yours in their compliance journey.

Readiness Review

The Basic Readiness Review includes a System Security Plan (SSP) review against the 110 CMMC controls and objectives, CUI data flow review, network topology and diagram review, hardware and software asset list review, Plan of Action and Milestone (POA&M) Confirmation, CMMC scope verification, shared responsibility matrix review and SRPS confirmation.

Gap Assessment*

The Gap Assessment is a mock assessment. After the assessment, your organization will receive an Executive Summary and Assessment report that addresses each of the 110 security controls. From here, it will be up to your organization to remediate your environment. If desired afterward, Â鶹AV QE can also perform a CMMC certification assessment.

Joint Surveillance Voluntary Assessment Program (JSVAP)

The JSVAP is a pilot program authorized by the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) assessment team that allows DIB contractors with an active DoD contract to undergo a DIBCAC NIST 800-171 assessment. Upon successfully completing a JSVA with a score of 88 or above, you will be eligible to receive a CMMC Level 2 certificate that will be valid for three years once CMMC rulemaking is completed.

C3PAO Certification Assessment*

A C3PAO Certification Assessment is an official assessment for CMMC certification and is conducted in 2 phases via two separate work orders. Upon the successful completion and passing of Phase 1 Planning, the Phase 2 Certification Assessment work order is executed. Â鶹AV QE will then provide results to your organization and the Cyber AB.

 

*No consultation or remediation advice is provided. 

CMMC Training

Certified CMMC Professional (CCP) 

This course will provide an in-depth knowledge of the CMMC requirements to help better prepare the individuals to implement controls, apply self-assessments and the CMMC certification process. When completed, organizations will be able to implement required CMMC practices and conduct certification assessments.

Upon completion of the course, attendees will be eligible to sit for the CCP exam.

 

Certified CMMC Assessor (CCA)

This course will provide in-depth knowledge of the CMMC model and the technical background required for an assessor to participate as part of a C3PAO assessment team and provide consultation to an organization seeking Level 2 CMMC assessment.


Upon completion of the course, attendees will be eligible to sit for the CCA exam.

Why Â鶹AV Quality Evaluations?

We're a global leader in Certified Performance.

Â鶹AV QE is a Certified Third-Party Assessor Organization (C3PAO) authorized by the Cyber Accreditation Body (Cyber AB) and a licensed training provider (LTP) certified by the Cybersecurity Assessor and Instructor Certification Organization (CAICO) to provide CMMC assessment services and training.

Our cybersecurity services include CMMC training, self-assessments, readiness reviews, gap assessments, Joint Surveillance Voluntary Assessment Program (JSVAP) assistance and certifications for ISO/IEC 20000, ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27017, ISO/IEC 27018 and ISO/IEC 27701, among others.

C3PAO & LTP Certification

Back to top