CMMC 2.0: Partnership
VXE is currently a candidate to become a CMMC 2.0 Third-party Assessment Organization (C3PAO), which entails a rigorous series of requirements to become acknowledged by the CMMC Accreditation authority, to provide CMMC 2.0 Certification Services.
CMMC 2.0 LIFECYCLE
FEDERAL GUIDELINES
Established CMMC 2.0
Title 48 CFR – 204.75
Key Takeaways
The contracting officer shall include in the solicitation the required CMMC level, if provided by the requiring activity. Contracting officers shall not award a contract, task order, or delivery order to an offeror that does not have a current (i.e., not more than 3 years old) CMMC certificate at the level required by the solicitation.
DIB CTR Requirements
Title 48 CFR – 252.204.7021
Key Takeaways
(b) Requirements: The Contractor shall have a current (i.e. not older than 3 years) CMMC certificate at the CMMC level required by this contract and maintain the CMMC certificate at the required level for the duration of the contract.
(c) Subcontracts: The Contractor shall: Prior to awarding to a subcontractor, ensure that the subcontractor has a current (i.e., not older than 3 years) CMMC certificate at the CMMC level that is appropriate for the information that is being flowed down to the subcontractor.
CMMC 2.0 LEVELS & REQUIREMENTS
Level 1 (Foundational)
- Model: 17 practices
- Assessments: Annual Self-Assessment
Level 2 (Advanced)
- Model: 110 practices based on NIST SP 800-171
- Assessments: Triennial Third-Party
Level 3 (Expert)
- Model: 110+ practices based on NIST SP 800-172
- Assessments: Triennial Gov’t-led
The ‘Secret’ Sauce
Preferred Partnerships
Apptega & VXE have established a Platinum-Tier Partnership to leverage Apptega’s Cybersecurity Management Software.
World Class Talent
Cybersecurity Engineers & Analysts assess, build, manage, connect, and report on all of our client’s Cybersecurity functions.
Certifications:
VXE employs industry-recognized experts & Cyber AB CMMC 2.0 certified professionals to streamline your organization’s Cyber needs and become CMMC certified.
Automate, Boost, & Enhance
CMMC 2.0:
Our partnership with Apptega allows VXE to boost efficiency by 50%* by leveraging Harmony: an Intelligent Framework Crosswalk tool to automatically map “answered” security controls in one framework, to their “common relatives” in another.
CMMC 2.0 DEEP DIVE
Mitigation & Remediation
- Leveraging Apptega, VXE addresses all applicable security objectives, derived from scoping the network & corresponding CMMC maturity level, required for your business.
- Each objective will be implemented with CyberAB’s assessment objects & methods in mind, while ensuring VXE’s efforts are both precise & lightweight, limiting impact to business operations.
Auditing & Certification
The CMMC Ecosystem is comprised of four roles:
- Defense Industry Base (DIB) Contractors
- Consultants & Implementation
- Assessing & Certification
- Training & Instructors
CMMC 2.0 as a Service
- Achieving CMMC 2.0 certification is challenging all on its own, “sleeping” on maintenance and sustainment and assuming you have a “3-year vacation” before readdressing CMMC, is a recipe for disaster.
- VXE is your vanguard for the 1st half of the battle and your agent for the 2nd half, by actively maintaining your security posture up to date and in the hands of VXE experts.
The President of the United States, through EO 14028: Improving the Nation’s Cybersecurity, has instructed DFARS to implement contractual requirements for protecting sensitive information (FCI & CUI).
Contact Us
Want to Partner with VXE for CMMC 2.0?
Fill out the contact form below and we’ll get in touch with you!
Partner with Us!
Email: cmmc@valiant-x.com
…or click to contact us directly.