With the goal of helping you achieve and maintain your Cybersecurity Maturity Model Certification (CMMC) requirement, we are assisting companies, like yours, protect federal contract information (FCI) and controlled unclassified information (CUI). Starting in 2020 the CMMC certification will be a requirement for participation in most DoD request for information (RFIs) and request for proposals (RFPs). This CMMC requirement will apply to both prime and subcontractors for all DoD procurement in future years. TechWorx’s CMMC services are designed to support organizations that are required to obtain and maintain their CMMC certification.
CMMC scope and level determination support
Based on current CMMC guidance, we can help your organization think through the level and the scope for your specific CMMC requirements. This includes evaluating not only your technology but the processes and procedures surrounding your IT assets. We will help you with the reporting requirements and training of your employees as well.
CMMC gap assessment
Using our extensive understanding of cybersecurity, NIST SP 800-171 and the requirements of the CMMC model, we help map your existing controls to the CMMC model, identify gaps between your controls and the CMMC model and provide recommendations for remediating those control gaps. This can be in a mock assessment or more advisory structure to suit your needs.
CMMC remediation and documentation support
If needed, our compliance specialists can work with you to build a plan and close your existing gaps. We can help formalize your processes and controls, and document your compliance. Additionally, we can help you procure and implement any software or hardware identified in the gap analysis.
CMMC business impact and readiness support
CMMC will have impacts on your supply chain, bid and proposal and project-specific IT systems. Leveraging our expertise and years of experience supporting highly regulated industries, we can help you think about and develop strategy to respond to issues such as risk assessment of teaming partners. This will ensure they are ready for CMMC so you can successfully bid, flow down clause management, estimate cost implications and respond to RFP and RFI CMMC requirements.
Cost allowability
The DoD indicated they understand contractors will incur incremental costs to establish good cyber hygiene and compliance with new requirements. Our specialists will help you navigate these increased technology expenses in a planned and phased approach.
Entry or expanding your government contracting business
If you are contemplating entering or expanding your government contracting business, we can help you determine gaps with CMMC (or to achieve a higher level of CMMC) and other DFARS, FAR and CAS requirements, as well as support your implementation of those process.
Future/pending: certification assessments
As the details of the certification program finalize, TechWorx intends to become a certified Registered Provider Organization (RPO) with multiple Registered Practitioners (RP), to help you prepare and pass your CMMC level audit.
How TechWorx Can Help
With the deadline to integrate the changes your organization needs to meet the CMMC certificication, any business that sells products and services to the DoD has to begin to shift their priorities to ensure they are compliant with the new mandates. The best course of action is to read through the certification here, and then call TechWorx at 814-806-3228 or email us to see how our technology professionals can help you structure your network and data security policies to adhere to even the most stringent security mandates.