How to Prepare for a CMMC Assessment

Corserva blog

Ever since the DoD first released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) in January 2020, companies operating in federal supply chains have been trying to figure out what they can do now to prepare for a future CMMC assessment.

 

Get Answers to Your Questions about CMMC

Typical questions you may have about CMMC include:

  • Who is impacted by CMMC?
  • How do I pass a CMMC assessment?
  • Who is involved in the CMMC-AB pilot programs?
  • How do I know which cybersecurity maturity level of CMMC applies to my company?
  • What are the costs of CMMC compliance?
  • When is the deadline for CMMC?
  • What can I do now to prepare for a future CMMC assessment?

For answers to your questions, check out Corserva's guide, "How to Prepare for a CMMC Audit."

How to Prepare for a CMMC Audit

Take Steps Now to Get Ready

Although C3PAOs are not yet able to perform CMMC assessments themselves (as of May 2021), there are things you can do now to prepare your company for a future assessment by a C3PAO.

  1. Isolate CUI.
  2. Use FIPS validated cryptography for encryption.
  3. Manage CUI with defined policies and procedures.
  4. Avoid the shopping cart approach.
  5. Identify gaps.

Learn more in the CMMC infographic, "5 Things to Do to Prepare for a CMMC Audit."

CMMC

 

RPOCorserva CMMC Readiness Services

Corserva can prepare you for a CMMC assessment by a C3PAO.

Corserva is a CMMC-AB Registered Provider Organization™ (RPO) and we are listed on the CMMC-AB Marketplace.

As an RPO, Corserva is authorized by the CMMC-AB to provide pre-assessment consulting services to government contractors and other OSCs.

Corserva has created an easy process to enable you to get ready for a CMMC assessment and protect your government contracts.

To prepare you for your CMMC assessment, these are the steps we follow:

  1. Identify the relevant requirements of CMMC you will need to meet.
  2. Perform an "as is" gap analysis of your processes and security controls, identifying areas to be corrected.
  3. Create a list of remediation steps to be taken prior to your certification assessment being performed by a C3PAO.

The end deliverable to you is a clear set of corrective actions to take before your CMMC assessment.

Get started today by requesting a quote for CMMC readiness services.

GET A QUOTE

 

About Corserva

Corserva has been in business for over 30 years and offers a large portfolio of IT and consulting services. Our team has a very strong focus on NIST 800-171 assessments and CMMC readiness services.

 

Post Date: May 25, 2021 // 10:35 AM

Topic category:

NIST & CMMC

Author:

Adam Keely

Adam is a security analyst and CMMC-AB Registered Practitioner (RP). He is a member of Corserva’s assessment and compliance team, guiding companies in meeting business objectives with NIST 800-171 and CMMC. Adam spent 5 years in the United States Marine Corps as a Communications Electronics Technician before entering the corporate world, where he has worked in web development and cybersecurity.

Share: