CMMC, DFARS & NIST DCMA Audits and Assessments
Are You PrepareD for CMMC or DCMA (DFARS/NIST 800-171) AUDITS?
If you are a Department of Defense Federal Contractor, you must currently be 100% compliant with the DFARS 252.204-7012/NIST SP 800-171 requirements today. The DCMA is conducting audits of contractor compliance more and more frequently. Additionally, the upcoming requirement later in 2020 for DOD contractors is the Cybersecurity Maturity Model Certification (CMMC) Levels 1 - 5, which could mean you must pass an audit performed by a C3PAO (CMMC Third Party Assessment Organization) on this new set of controls. Since the CMMC has been receiving tons of attention currently, let's address that audit first:
NOTE: NO CMMC Audits will be PERFORMED BY ANY Organization BEFORE AUGUST 2020.
Need Help Now?
If you're seeking help to address your upcoming CMMC audit late this year, we are currently performing CMMC Gap Assessments (Click here). During the CMMC Gap Assessment service, we will review and explain each new control you must implement and determine your current compliance level. This CMMC Gap Assessment Report provides a clear roadmap of which controls must be implemented prior to attempting to pass your audit.
DCMA Audits of DFARS-7012 and NIST-171
The deadline for DoD contractors to comply with DFARS 252.204-7012 has expired. There is no grace period. Contractors are being audited by DCMA, specifically focusing on their NIST SP 800-171 compliance, their Systems Security Plan (SSP), Plan of Actions and Milestones (POA&M), and Policies. Every Sentar DFARS/NIST client that has been audited by the DCMA have passed.
If you are seeking help for an upcoming audit, we have helped almost a hundred DOD Contractors meet their compliance requirements.