Cybersecurity Maturity Model Certification (CMMC)
Compliance
As an accredited CMMC RPO by the CMMC Accreditation Body, we help DoD contractors throughout the U.S. navigate the complexities of DFARS, NIST 800-171, and CMMC.
Our combined experience spans over six decades in not only the DoD space, but also within the Defense Industrial Base (DIB). With our headquarters in Burlington, MA, we have a primary geographical coverage of the New England area with rapid scalability throughout the United States. In addition, each of our professionals hold a current DoD security clearance.
Firestorm Dynamics offers pre-assessment services to help your organization map your existing controls to the CMMC model, identify gaps, and provide clear steps to meet your required maturity level. We also help provide comprehensive document preparation. A pre-assessment will help save your organization costs by identifying and addressing elements before a formal CMMC audit.
Our 3-Step Process
1. CMMC Assessment
We perform a detailed assessment of your current network and compare it with the cyber security controls required in NIST SP 800-171 plus other controls. This process reveals your compliance “gaps” and what you need to do to prepare for CMMC.
2. SSP & PO&AM
Based on the Gap Analysis, we prepare a System Security Plan (SSP) & Plan-of-Action & Milestones (PO&AM) providing documented evidence for you to show the DoD or your Prime that you’re on your way towards compliance.
3. Remediation
The items called out in the PO&AM are addressed. Depending on the current state of your IT systems, this can be as simple as implementing multi-factor authentication or as complex as refreshing an entire aging infrastructure while developing thorough documentation in the form of policies, plans and implementation guides.