Department of Defense contractors and subcontractors are scrambling to prepare for their upcoming CMMC self-assessments and audits. C3PAOs (certified third-party auditing organizations) are being certified and processes finalized, but even now defense contractors are obligated to perform and upload self-assessments to the DoD for their review. With more than 18 years in business helping DoD subcontractors and contractors with security and compliance services, Direct iT can help.
Policy and process review
SPRS and Self Assessment Assistance
Threat Intelligence feed
We work together to analyze your current processes, policies, and systems and determine which processes and systems are in-scope for DoD contracts (including all processes and systems that handle CUI, Controlled Unclassified Information ). Then we analyze those processes based on the 17 practice requirements in CMMC and identify any potential gaps or issues.
We remediate your processes and policy documents to make sure that all processes and training are compliant with CMMC requirements.
Direct iT can assist in deploying technical systems and security solutions where necessary to meet CMMC requirements, including FedRAMP-certified cloud services and Office 365 GCC / Government Cloud.
Direct iT will assist with performing a self-audit following CMMC guidelines.