Cyber Security Maturity Model Certification (CMMC) Preparation & Certification
Whether you need to become compliant, or are looking to harden security, we will take care of you.
New CMMC guidelines are coming into effect and our team has expertise in preparing defense contractors to meet CMMC compliance. With RPO and C3PAO qualifications, we consult with a vast array of government contractors to support preparations for CMMC compliance and for certification.
Contact us to get a quote
Find us on the CMMC-AB Marketplace list of providers.
CMMC 3rd Party Assessor (C3PAO) – Getting Certified
La Jolla Logic is one of the first CMMC Third-Party Assessor Organizations (C3PAO’s) approved by the CMMC Accreditation Body (CMMC-AB) to provide CMMC Assessments with CMMC Provisional Assessors on staff who have been trained and certified to perform provisional CMMC assessments and consulting.
As a CMMC Third Party Assessor Organization (C3PAO) we perform CMMC Assessments for CMMC Level 1 and Level 3.Get Started
CMMC RPO – Preparing Your Organization
As a CMMC Registered Provider Organization (RPO), LJL is available to provide advice, consulting, recommendations, and implementation of appropriate security controls to our clients. We have deep expertise in conducting NIST 800-171 security control and CMMC gap analysis (up to ML 5), self-assessments for SPRS registration, development of SSPs, POAMs and IT Policy and Procedure documentation. LJL’s Registered Practitioners (RPs) have direct DoD Cybersecurity experience, appropriate industry certifications (CISSP, Security+, CASP…) and DoD security clearances.
Cybersecurity is a changing landscape and every business needs to understand their security posture and plan steps to improve, maintain, defend and respond. As a third-party independent organization we bring proven methods for performing a gap analysis to discover inadequate system configurations and processes, ensuring your business meets all of the required controls.
Our gap analysis method determines what changes are necessary for an organization to meet the required CMMC level. La Jolla Logic experts use the findings to create a remediation plan addressing any deficiencies - we diagnose where you are and what you need to do to achieve the desired end goal. Our team devises a definitive roadmap to get your organization to full compliance for meeting CMMC demands and/or NIST 800-171 controls.Get Started
NIST 800-171 Compliance
As of November 30, 2020, the CMMC Interim Rule requires all contractors and subcontractors to maintain a Basic NIST SP 800-171 DoD Assessment using the NIST SP 800-171 DoD Assessment Methodology in the Supplier Performance Risk System (SPRS) prior to contract award.
As a DoD Cybersecurity and Advanced Technology Firm, working with NIST guidance and security controls is our second nature. We have been supporting the Industrial Base with NIST SP 800-171 Compliance since 2017 and have developed efficient processes, procedures, and templates to aid our clients with the following:
- Conducting NIST SP 800-171 Basic Self-Assessment (and subsequent score for SPRS entry)
- System Security Plans (SSPs)
- Plan of Action and Milestones (POAM)
- Implementation & Remediation Support – support and participation in design of required infrastructure changes, implementation of controls, policy development, documentation to achieve desired compliance state
- Risk Management Framework Consulting
- NIST 800-171 Gap Analysis consulting and implementation
Risk Management Framework (RMF) Accreditations
Preparation | Assessment
NIST SP 800-37 rev2 Risk Management Framework (RMF) is a widely used framework within the DoD. La Jolla Logic brings decades of DoD experience with accrediting and fielding technologies, systems and applications under DITSCAP, DIACAP, and RMF through Defense Counterintelligence and Security Agency (DCSA) and DoD Authorizing Officials across the Navy, Air Force, and Army components.
Each branch and its networks of subordinate commands have their own unique set of requirements and preferences in the accreditation process; our engineers leverage years of experience with these organizations and their ever-changing processes to accredit industry developed products, systems, applications, and even facilities for our clients.
Your company can leverage our cybersecurity experts in a manner that best suits your needs:
- General RMF Guidance (Steps 1-6)
- ISSE/ISSM support
- Use us to develop the entire RMF package and submit to DCSA through eMASS (we are experts in this tool!), assist in responding to DCSA questions, remediating any deficiencies, all the way through to Authority to Operate (ATO)
- Or, we can function as advisory support/consultants on an as-needed basis to guide and train your team and assist with all or some portions of the package – you choose!