As a client of Degree Six you already have the technical level to meet CMMC Level 1 at least. From there we may use our assessment tools, CIO services, and add-ons to get you to the level you decide you need to be. Further, to meet the NIST interim rule we have partnered with the necessary scanning and documentation tools to assist you ensuring compliance with NIST 800-171.
NIST 800-171 is the compliance framework mandatory for all DoD contractors before CMMC. It is a self-certification, as opposed to the CMMC third part certification. CMMC is mostly composed of NIST 800-171 controls. It is still currently required to achieve self-certification for many DoD contractors and log your score into Supplier Performance Risk System (SPRS).
We follow the guidelines of the CMMC-AB and DoD to get ensure your documentation and systems are ready for certification. Level 1 only has 17 practices but Level 3 goes up to 130; both need the artifacts to prove their mitigation. And the intention is to secure Personal Identifiable Information (PII) and Federal Contract Information in Level 1 and transition into securing Controlled Unclassified Information (CUI) by Level 3:
One of the surest ways to decrease the cost of NIST while passing certification and generally supporting and protecting your company is with an MSP (Managed Services Provider), like Degree Six.
As IT/Security professionals we focus entirely on your IT support, security, and compliance while you focus on your business.
For help with NIST 800-171 compliance in Washington, DC, fill out our form below.