DGC's IT Risk Assurance & Advisory Practice can help you achieve compliance with the CMMC. We are actively engaged with our clients across all areas of the CMMC framework including gap assessments, self-assessments, and both SSP and POAM development. We encourage you to review these CMMC resources and reach out to us if you have questions.

CMMC is on the horizon and companies in the defense supply chain have many questions. In this video podcast, Nick DeLena and Scott Goodwin from DGC’s IT Risk Assurance & Advisory practice are here to tell us if these five statements about CMMC are true or false. Watch the video

The Department of Defense has indicated that the CMMC's ultimate scope will grow beyond the defense supply chain, potentially impacting private companies doing business with all branches of the federal government. Read more

While the CMMC is largely based on NIST 800-171, there are some changes, including new process maturity requirements. In addition, companies will need to demonstrate CMMC certification prior to taking award of a contract. Watch the webinar or read an article about this topic

The Defense Federal Acquisition Regulation Supplement Interim Rule went into effect in November 2020 and had an unexpected surprise for contractors subject to DFARS 252.204-7012. Read more

Regulations are continuously changing and it’s essential to be certain your A&E firm is compliant. CMMC impacts A&E firms that have contracts with the Department of Defense either directly or as subcontractors. Watch the webinar
If you have questions about who is impacted by the CMMC standards and what the compliance and certification process looks like, please contact a member of your DGC client service team or Nick DeLena, CISSP, CISA, CRISC, CDPSE at 781-937-5191 / ndelena@dgccpa.com or Scott Goodwin, OSCP, OSWP at 781-937-5722 / sgoodwin@dgccpa.com.