C3PAO designation

Sentar Named CMMC Third-Party Assessment Organization

The Cyber AB has named Sentar a certified third-party assessment organization, expanding the number of accredited cybersecurity evaluation services providers. As a C3PAO, Sentar is authorized to conduct Cybersecurity Maturity Model Certification assessments of companies that want to secure contracts from the Department of Defense. The CMMC program aims to ensure the defense industrial base can protect controlled unclassified information and federal contract information, Sentar said.

According to Stephen Pratt, chief information security officer at Sentar, the company achieved the C3PAO status following a rigorous DIB Cybersecurity Assessment Center evaluation, which focused on Sentar’s security posture and the expertise of its personnel.

The women-owned business has already completed several CMMC readiness assessments. Besides being a C3PAO, Sentar is also a CMMC registered provider organization and a Federal Risk and Authorization Management Program-accredited assessment organization for cloud service providers.

The CMMC program was initially set for implementation in 2021 but was canceled due to concerns regarding assessment costs. In July, The Cyber AB released a draft CMMC process document to gather comments from the industry. The CMMC Assessment Process, however, gained negative feedback, prompting the organization to make revisions. The Coalition for Government Procurement is among the entities that oppose the planned CMMC process, arguing that the proposal would add more burden to companies, particularly to small businesses.

In a public meeting on Tuesday, Matt Travis, CEO at The Cyber AB, said the organization will continue working on the document and inform the industry about the changes made each month.