Bolstering supply chain security and instilling acquisition confidence
U.S. Department of Defense (DoD) contractors are required to implement 110 NIST SP 800-171 practices to protect controlled unclassified information (CUI) under current DFARS 252.204-7012 contract obligations. CMMC, a three-level cybersecurity standards program, also requires organizations handling CUI to meet those same 110 practices and pass a third-party assessment at Level 2.
Coalfire and Coalfire Federal have more than 20 years’ experience providing advanced cyber support to highly regulated organizations in the defense industrial base. As one of only a handful of CMMC Third-Party Assessor Organizations (C3PAOs), we’re uniquely qualified to guide you in your CMMC compliance journey.