START YOUR CMMC GAP ASSESSMENT & REMEDIATION TODAY!

BEGIN YOUR CMMC JOURNEY WITH A GAP ASSESSMENT NOW.

Name*
Business Email*
Company*
Phone*
Countries*
Email
This field is for validation purposes and should be left unchanged.

ControlCase helps companies understand and prepare for their
CMMC audit.

Using smart technology and a partnership approach, we will
start with a gap assessment for CMMC Level 1 and provide
you action plan to achieve CMMC Level 3.

ControlCase CMMC Readiness Approach

1 Assess CMMC Level 1
Certification Readiness.

2 Establish Remediation
Support Plan.

3 Provide Target Architecture report
to achieve CMMC Level 3 Certification.

Contact us today to discuss your CMMC gap assessment and remediation support plan!

USA +1.703.483.6383

CANADA +1.416.900.1272

UK / EUROPE +44.734.120.5513

INDIA / GULF REGION +91.22.50323006

ASIA PACIFIC +66.21056164

FREQUENTLY ASKED QUESTIONS

WHAT IS CMMC?

Cybersecurity Maturity Model Certification (CMMC) is a unifying standard for the implementation of cybersecurity across the Defense Industrial Base (DIB).

WHEN DID CMMC GO IN EFFECT?

The standard was released by the US Department of Defense (DoD) and became effective November 30, 2020.

WHAT DOES CMMC DO?

CMMC aims to standardize and improve cybersecurity practices within the Defense Department and Defense Industrial Base (DIB) ecosystem. It ensures that DIB companies implement appropriate cybersecurity practices and processes to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) within their unclassified networks.

WHO DOES CMMC APPLY TO?

CMMC applies to DIB contractors who’s unclassified networks possess, store, or transmit CUI as well as DIB contractors who’s unclassified networks possess Federal Contract Information (FCI). Entities that solely produce Commercial-Off-The-Shelf (COTS) products do not require a CMMC certification.

WHAT ARE THE CMMC LEVELS?

There are 5 CMMC Levels; each with associated controls and processes. CMMC Level 5 Certification is the highest (demonstrating advanced cyber hygiene); while Level 1 indicates basic cyber hygiene. CMMC Level 3 is great benchmark to target as it indicates “good cyber hygiene” and demonstrates full compliance with NIST SP 800-171 r1 and the Federal Acquisition Regulation (FAR). The DoD will specify the required CMMC level in Requests for Information (RFIs) and Requests for Proposals (RFPs).

WHO CAN PROVIDE CMMC ASSESSMENTS?

Authorized and accredited CMMC Third Party Assessment Organizations (C3PAOs) will conduct assessments and issue CMMC certificates to Defense Industrial Base (DIB) companies at the appropriate level. ControlCase will assist with getting you ready for the assessment – we provide gap assessment and remediation support.