Tego Achieves RPO Status Under CMMC Program

Tego, an information technology engineering company, announced that it has become a registered provider organization under the Department of Defense’s Cybersecurity Maturity Model Certification program.

The DOD established CMMC to raise the bar for cybersecurity among defense contractors and address supply chain management issues.

aCMMC includes sets of cybersecurity requirements that contractors must meet before they can do business with the DOD, Tego said Thursday.

RPOs are authorized to provide advice, consulting and recommendations to members of the defense industrial base, according to the CMMC Accreditation Body website.

Tego said the RPO status demonstrates its competence in providing CMMC compliance solutions and services designed to prevent intellectual property theft in the DOD’s supply chain.

“As an RPO, we are now able to offer additional support for our clients in the DOD space, which already includes industry leaders in Intelligence, Surveillance and Reconnaissance and the US Military itself,” Tego owner Nolan Smith said.

The CMMC-AB website notes that RPOs only serve as “implementers” and consultants and are not authorized to conduct certified CMMC assessments.

Assessments may only be performed by certified third-party assessment organizations, which themselves are required to have achieved CMMC Level 3 certification.

Tego said it also employs Greg Manson, a CMMC registered practitioner, as vice president of security, audit and compliance.

RPs may deliver non-certified advisory services informed by basic training on the CMMC standard, the CMMC-AB website says.

Manson has decades of experience in helping clients reduce the cyber risk exposure of their IT systems and data.