Coalfire Federal, a cybersecurity services provider to the federal government and Defense Industrial Base (DIB), has been selected by the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) to become one of the first firms authorized to perform CMMC audits.
The CMMC framework was created to address the ongoing theft and unauthorized access to Controlled Unclassified Information (CUI) by foreign adversaries through the enforcement of good cyber hygiene and best practices. The CMMC framework is a set of mandatory cybersecurity requirements that all contractors in the Department of Defense supply chain must implement and then have verified by an independent CMMC Third-Party Assessment Organization. Five certification levels define the minimum security posture or maturity an organization must achieve as determined by the sensitivity of the information they handle. Organizations handling CUI must be certified at CMMC Level 3 or higher.
“As we experienced through the rollout of FedRAMP, we expect there will be lessons learned about the implementation and verification of CMMC practices and processes during the inaugural audits of 1,500 Pathfinder companies that will be performed in 2021,” said Coalfire Federal President Bill Malone. “Like the success we’ve seen in our partnership with the FedRAMP Program Management Office, we look forward to a collaborative relationship with the CMMC-AB to help ensure the successful rollout and implementation of the CMMC framework.”
Over the last year, the Coalfire Federal team has participated as volunteers in the CMMC-AB Working Group responsible for creating the assessment criteria and methodologies to support the CMMC framework. Coalfire Federal employees were selected to participate in the Provisional Assessor training program and have successfully completed their training and earned their Provisional Assessor credentials. Coalfire Federal is also a CMMC Registered Practitioner Organization (RPO) capable of providing CMMC advisory services to DIB companies seeking assistance as they prepare for an official CMMC audit.
