ControlCase Announces RPO Status Under CMMC Program
ControlCase, a cybersecurity and continuous compliance company, has been authorized as a registered provider organization under the Cybersecurity Maturity Model Certification program.
RPOs are authorized to provide advice, consulting and recommendations to clients seeking to comply with the Department of Defense’s CMMC standards, which are aimed at protecting the defense industrial base.
CEO Mike Jenner said his company boasts a wealth of experience in other federal regulations such as the Federal Risk and Authorization Management Program, StateRAMP, Federal Information Security Management Act and National Institute of Standards and Technology 800-53.
“ControlCase has always been dedicated to helping organizations build and implement repeatable cybersecurity programs that address various security regulations,” Jenner added.
ControlCase said its methodology involves a thorough identification of data that may be considered federal contract information and controlled unclassified information, which is what the CMMC program seeks to protect.
The company said it then uses smart technology to evaluate the processes and practices that the client uses to provide products or services to the DOD, resulting in a clear picture of what systems need improvement.
RPOs are different from CMMC third-party assessor organizations, which are authorized to connect with organizations seeking certification on the CMMC Accreditation Body marketplace.
According to the CMMC-AB, RPOs only serve as consultants and are not authorized to conduct certified assessments.
The Pentagon began implementing the CMMC program in December 2020 to establish a stronger foundation for defense procurement. The department hopes to fully require all contractors within the defense industrial base to achieve compliance by the beginning of fiscal year 2026.
Tags: C3PAO CMMC ControlCase cybersecurity Cybersecurity Maturity Model Certification Defense Industrial Base Department of Defense FedRAMP FISMA Mike Jenner NIST 800-53 Registered Provider Organization RPO StateRAMP