Cybersecurity Maturity Model Certification (CMMC)
As rulemaking around CMMC 2.0 is currently underway, all DoD suppliers will be mandated to comply with the Cybersecurity Maturity Model Certification requirements by 2025 in order to bid on new contracts or continue to do business with the DoD. This cybersecurity certification verifies your company employs information security practices that safeguard federal contract information and controlled unclassified information -- such as technical drawings for military aircraft – to help protect national security.
The Defense Industrial Base has been given the green light to undergo voluntary assessments with CMMC-accredited third-party assessment organizations ; obtaining certification ahead of final rulemaking and the mandatory deadline will provide a competitive advantage in responding to requests for information (RFIs) and requests for proposals (RFPs).
Why Certify With Us
NSF-ISR is one of the first candidate CMMC Third-Party Assessor Organizations (C3PAOs) to be listed in the CMMC-AB marketplace.
Our experience in information security runs deep. Our dedicated CMMC professionals include a certified CMMC Provisional Assessor and a certified CMMC Registered Practitioner. Both are lead ISO/IEC 27001 and NIST 800-171 auditors, and our whole team has deep information security knowledge and experience.
NSF-ISR is an ISO/IEC 17021 accredited certification body and our parent company, NSF, is ISO/IEC 27001 certified.
More About CMMC
CMMC is based on NIST 800-171 controls and have three levels, ranging from Level 1- foundational to Level 3- expert. The DoD will specify the required CMMC level in RFIs and RFPs. Most organizations will be required to meet Level 1 or Level 2 certification.
The CMMC model is cumulative with each level consisting of unique practices, as well as those specified in the lower level.
CMMC certification assesses a company’s implementation of cybersecurity practices.
Ready or Preparing for CMMC?
Begin the process with us or get your CMMC questions answered.
Case Study: NSF-ISR Provides Full ISO/IEC 27001 Certification Remotely
Introduction to Controlled Unclassified Information (CUI)
A Guide to Cybersecurity Maturity Model Certification (CMMC) Levels
News and Events
NSF to Host its Inaugural Information Security Symposium: Compliance vs. Attack
January 13, 2022
NSF-ISR Authorized to Help Protect the Department of Defense Supply Chain Through New Cybersecurity Program
February 25, 2021
What Does the Strengthening Organic Rule Mean for the US Food Industry?
January 27, 2023
Coway Earns NSF-JWPA P508 Certification for its Water Purifier, CHP-264L
December 19, 2022