CMMC, NIST 800-171, DFARS Compliance Services

Direct iT: HELPING NEW ENGLAND BUSINESSES WITH COMPLIANCE, SECURITY AND AUDIT PREP FOR OVER 18 YEARS

Department of Defense contractors and subcontractors are scrambling to prepare for their upcoming CMMC self-assessments and audits.  C3PAOs (certified third-party auditing organizations) are being certified and processes finalized, but even now defense contractors are obligated to perform and upload self-assessments to the DoD for their review. With more than 18 years in business helping DoD subcontractors and contractors with security and compliance services, Direct iT can help.

Policy and process review

Gap analysis

Technical implementation

SPRS and Self Assessment Assistance

Threat Intelligence feed

Gap analysis and scoping

We work together to analyze your current processes, policies, and systems and determine which processes and systems are in-scope for DoD contracts (including all processes and systems that handle CUI, Controlled Unclassified Information ).  Then we analyze those processes based on the 17 practice requirements in CMMC and identify any potential gaps or issues.

Process and Policy Remediation

We remediate your processes and policy documents to make sure that all processes and training are compliant with CMMC requirements.

Systems Implementation

Direct iT can assist in deploying technical systems and security solutions where necessary to meet CMMC requirements, including FedRAMP-certified cloud services and Office 365 GCC / Government Cloud.

Self-Audit Assistance

Direct iT will assist with performing a self-audit following CMMC guidelines.