Cybersecurity Maturity Model Certification (CMMC)
Secure your organization’s standing in the U.S. Department of Defense (DoD) supply chain.
By 2025, all DoD suppliers will be mandated to comply with the Cybersecurity Maturity Model Certification requirements in order to bid on new contracts or continue to do business with the DoD. This cybersecurity certification verifies your company employs information security practices that safeguard controlled unclassified information -- such as technical drawings for military aircraft – to help protect national security.
Commercial assessments will be underway soon; obtaining certification ahead of the mandatory deadline will provide a competitive advantage in responding to requests for information (RFIs) and requests for proposals (RFPs).
Why Certify With Us
NSF-ISR is one of the first CMMC Third-Party Assessor Organizations (C3PAOs) to be listed in the CMMC-AB marketplace.
Our experience in information security runs deep. Our dedicated CMMC professionals include a certified CMMC Provisional Assessor and a certified CMMC Registered Practitioner. Both are lead ISO/IEC 27001 and NIST 800-171 auditors, and our whole team has deep information security knowledge and experience.
We also provide certification to ISO/IEC 27001 and NIST 800-171, whose frameworks were used as the core to develop CMMC, as well as to ISO/IEC 20000-1 and CSA STAR.
NSF-ISR is an ISO/IEC 17021 accredited certification body and our parent company, NSF International, is ISO/IEC 27001 certified.
More About CMMC
CMMC is based on NIST 800-171 controls and has five levels, ranging from Level 1- basic cyber hygiene to Level 5- advanced / progressive. The DoD will specify the required CMMC level in RFIs and RFPs. Most organizations will be required to meet Level 1 or Level 3 certification.
The CMMC model is cumulative with each level consisting of unique practices and processes, as well as those specified in the lower levels.
CMMC certification assesses both a company’s implementation of cybersecurity practices and its maturity processes.
Ready or Preparing for CMMC?
Begin the process with us or get your CMMC questions answered.
Cybersecurity Maturity Model Certification (CMMC) Terminology and FAQs
Cybersecurity Maturity Model Certification (CMMC) Assessments and What You Need to Know
Cybersecurity Maturity Model Certification (CMMC) - Level 1 Conversation
News and Events
NSF-ISR Authorized to Help Protect the Department of Defense Supply Chain Through New Cybersecurity Program
February 25, 2021
GMP Harmonization: NSF Is Approved for Amazon Supplement Sales Rules
May 7, 2021
Celebrating a Pioneer in Public Health and Drinking Water Safety: Dr. Nina McClelland
March 30, 2021
Nine Potentially Harmful Stimulants Found in Weight Loss and Sports Supplements Listing Deterenol as Ingredient
March 23, 2021