Last Updated on March 16, 2023
Achieving NIST 800-171 compliance has been a significant challenge for many contractors in the US Defense Industrial Base (DIB). The coexistence of NIST 800-171 with the new Cybersecurity Maturity Model Certification (CMMC) makes cybersecurity compliance even more complex, and also raises the security bar for firms that handle Controlled Unclassified Information (CUI).
As the CMMC gradually replaces NIST 800-171 in US Department of Defense (DoD) contracts, many contractors will need to deal with existing contracts that mandate NIST 800-171 compliance, plus new contracts that require CMMC certification. Critical to success is the ability to manage and maintain documentation, evidence, action item status, etc. across these two overlapping standards without duplication of effort.
Is your organization ready to face this new CMMC challenge with confidence?
To help DIB suppliers manage compliance risk and streamline the CMMC certification process, DoD supply chain leader Exostar offers the cloud-based Certification Assistant platform. Certification Assistant provides self-guided, step-by-step support to reduce the resource and operational burdens associated with accurately completing your NIST 800-171 self-assessment and/or preparing for successful CMMC certification.
How Certification Assistant Works
Exostar’s Certification Assistant enables suppliers to understand each control they need to implement to achieve full NIST 800-171 and/or CMMC compliance, along with the associated tools, processes and policies. Taking into account that CMMC Level 3 (the minimum requirement for firms that handle CUI) is basically a superset of NIST 800-171, Certification Assistant provides a “bridge” to help you prepare for CMMC Level 3 certification alongside NIST 800-171 self-attestation without duplication of effort.
The user-friendly Certification Assistant web interface offers guidance and resources to assist throughout the assessment process. The platform enables you to assign and track action items, manage compliance status, and identify and monitor security gaps/issues.
Certification Assistant also includes storage for documents, evidence and evaluation criteria. Security to control access and protect information is provided by Exostar’s industrial strength Managed Access Gateway (MAG) and One Time Password (OTP) credentialing.
Tiered options and price points
To make adoption even more of a no-brainer for SMBs, Exostar offers Certification Assistant with a free one-year subscription for CMMC Level 1 certification (Certification Assistant Lite).
Companies that need to achieve CMMC Level 3 can start with or upgrade to Certification Assistant Standard. Certification Assistant Premium is available for firms that need to achieve CMMC Level 5. Each tier includes a dashboard and supports reporting against risk and compliance attributes, as well as the ability to upload evidence and artifacts.
There’s no downside to getting a boost on your CMMC journey now with the free Certification Assistant Lite offering. You can upgrade to Certification Assistant Standard or Premium at any time.
Looking for expert guidance to position you to keep and grow your DoD-related business? Pivot Point Security offers a full spectrum of CMMC compliance services backed by 20+ years helping thousands of organizations like yours prove security and compliance.
Contact us today to schedule time with a CMMC expert.
A Simple Guide to Comply with the DoD's Cybersecurity Maturity Model Certification (CMMC) This NEW CMMC V2 Certification Guide will give you a quick and easily digestible introduction to the CMMC and the process we use to help our clients become CMMC compliant.