Cybersecurity compliance
CMMC Third-Party Assessment Organization Status Granted to NSF-ISR
The National Sanitation Foundation International Strategic Registrations has been designated a third-party assessment organization for Cybersecurity Maturity Model Certification, allowing it to evaluate whether prospective Department of Defense contractors have complied with certain controlled unclassified information protection requirements.
CMMC compliance is meant to assist defense industry companies with meeting contractual cybersecurity requirements, NSF-ISR said.
The Defense Contract Management Agency’s Defense Industrial Base Cybersecurity Assessment Center reviewed NSF-ISR’s technical controls and procedures before granting C3PAO status.
The Ann Arbor, Michigan-based standards testing firm said it would join a joint voluntary assessment program that will allow organizations to undergo cybersecurity evaluation that would subsequently be converted to CMMC Level 2 certification once CMMC rules go into effect.
NSF-ISR is now listed on the Cyber AB’s Marketplace as a C3PAO. The Cyber AB is a Maryland-based nonprofit that serves as the principal CMMC accreditation body.
Other C3PAOs include accounting firm Cherry Bekaert, cybersecurity and compliance auditor Kompleye Attestation and the information technology consultancy Booz Allen Hamilton.
Category: Cybersecurity