Cybersecurity Maturity Model Certification | ComTec Solutions

Cybersecurity Maturity Model Certification

ComTec Solutions is a Certified CMMC Registered Provider Organization


We help organizations contracted by the U.S. Department of Defense (DOD), and others, throughout the U.S. navigate the complexities of DFARS, NIST 800-171, and the Cybersecurity Maturity Model Certification (CMMC). Through our many experiences, we provide the resources needed to perform the remediation steps required to become compliant and the legal documentation to prove compliance has been reached and is being maintained when the time comes for a CMMC Audit.

What is CMMC?

The DOD released CMMC to strengthen an earlier standard known as the Defense Federal Acquisition Regulation Supplement (DFARS) and to address the growing information security concerns across their supporting contractor ecosystem.

The DOD is implementing CMMC as a verification framework to ensure appropriate cybersecurity practices and processes are in place for the protection of Controlled Unclassified Information (CUI) that resides within the Department’s supply chain partners’ networks. The requirements will vary depending on the level of risk each organization presents and includes three maturity levels. Each level has greater compliance requirements regarding NIST SP 800-171.

Visit https://www.acq.osd.mil/cmmc/index.html for more information.

Get a CMMC Consultation

Navigating CMMC Requirements

In November 2021, the DOD announced “CMMC 2.0,” an updated program structure and requirements designed to achieve the primary goals of safeguarding sensitive information and enhancing the cybersecurity of contractors working with the Department.

Key features of CMMC 2.0:

Changes in CMMC 2.0 will be implemented through a rulemaking process and companies will be required to comply once the forthcoming rules go into effect. In the interim, the Department plans to suspend the current CMMC Piloting efforts and will not approve inclusion of a CMMC requirement in any DoD solicitation. However, it is encouraged to continue efforts with enhancing cybersecurity while the rulemaking is ongoing. For more details, visit the Acquisition & Sustainment Office of the Under Secretary of Defense website.

To learn more about the audits, the assessment guides below provide clarity on how assessments will be conducted.

CMMC Recommended Playbooks:

NIST SP 800-171, Revision 2
DOD Assessment Methodology NIST SP 800-171A

CMMC Audit Preparation & Assessment Services

If you’d like to speak with someone about preparing for a CMMC audit, feel free to give us a call at (585) 621-9303 or schedule a CMMC consultation. Fill out the form below and one of our specialists will be in touch soon.

CMMC Consultation - CMMC Page

Stay up to date

Join Mailing List

Be the first to find out about technology updates affecting the demands placed on businesses today.