CMMC Level 2 Preparation Engagement
Level 2 Cybersecurity Maturity Model Certification requirements applies to all DoD contractors and subcontractors that process, store, or transmit Controlled Unclassified Information (CUI).
This includes Covered Defense Information (CDI), Controlled Technical Information (CTI), and International Traffic in Arms Regulations (ITAR) Data.
CMMC Level 2 aligns with the 110 security controls outlined in NIST SP 800-171 rev. 2. These controls cover 14 different security requirement families and address a broad range of cybersecurity practices necessary for protecting Controlled Unclassified Information (CUI).
A CMMC Level 2 third-party assessment is required for contracts handling Controlled Unclassified Information (CUI) that is deemed critical to national security. This assessment ensures the contractor has implemented and maintains the necessary cybersecurity practices to adequately protect this sensitive information.
A successful preparation engagement by Syndo will result in a technical and executive summary of findings, a Plan of Action and Milestones (POAM) to address discrepancies, and System Security Plan (SSP) that outlines the security requirements aligned to 110 NIST 800-171 controls and how those requirements are met.
After a preparation engagement, we also offer implementation, implementation tracking, and compliance tracking over time services. This is facilitated by our partners platform, Cyturus, which is the only platform that integrates directly with CyberAB allowing RPO’s to share artifacts and findings with C3PAOs - streamlining assessment.
We are also an indirect reseller for Microsoft via Pax8, and a direct reseller for Trellix, Palo Alto, VMware, and a host of other security solutions providers. Contact us below for more information!