CMMC 2.0 Assessments & Certification (NIST SP 800-171)

Department of Defense (DoD) Manufacturers & Contractors

Are You Ready to Start Your CMMC Compliance Journey?

Let us help start the assessment services you need to prepare and maintain the policies and procedures required for CMMC compliance.

Contact Us

If your business has contracts with the US Department of Defense, you know that there is a new cybersecurity mandate that your company must follow.

In this episode of The LIPN Podcast, we spoke with Thomas Nohs of DataSoftNow to learn more about these CMMC protocols. Tom and I discussed what this new certification is, what roadmaps and timelines companies need to follow, and how to get the process started to ensure your own company is fully certified in order to win your next bid.

Who We Are

DataSoftNow is an industry leading cybersecurity consulting firm. We are a CMMC Certified Third-Party Assessor Organization (C3PAO).

All of our consultants have also been trained and hold's certification of a Certified Information System Security Professional (CISSP), Registered Practitioner (RP), and Certified CMMC-AB Certified Professional (CCP)


What does that mean for your organization?

DataSoftNow was trained by the Department of Defense (DoD) to perform assessments and consulting with the knowledge of a CISSP and training of the CMMC-AB. We can help you understand the requirements, walk you through what you need, and help keep costs down by getting everything done correctly in the first place. Serving Long Island, New York

We will help you with the following processes:

    • CMMC 2.0 Gap Assessment Services
    • System Security Plan (SSP) Services
    • Plan Of Action & Milestones (POAM)
    • CMMC Readiness Review

CMMC Gap Assessment Services

We will take a look at your current security protocols and determine how close you are to meeting requirements of your designated CMMC level.

Using our extensive understanding of the NIST SP 800-171 requirements, DataSoftNow can help you build a plan of action and necessary milestones you need to fill in the gaps.

Ask About Our CMMC Gap Assessment Services

System Security Plan (SSP) Services

In today's word, cybersecurity is not a simple Yes or No. It’s about practices and processes. And it needs to be built into your company as an integral part of its culture.

If you don't have the internal staffing and skills to build and implement these practices and processes, DataSoftNow can help.

With our SSP-Services we can help take that burden from you and guide your company through all your required procedures.

And since your SSP is a living document, we can also manage and maintain your SSP as required by the CMMC-AB Certification.

Ask About Our System Security Plan (SSP) Services

Plan Of Action & Milestones (POAM)

  • When preparing and performing your Pre-Assessment review, we will find items that need actions to remediate.
  • Using this data, DataSoftNow will create a project management “to do” list known as a POAM, where tasks are assigned and tracked.
  • We can create and maintain your POAM until its completion. Monthly or weekly reports of the progress will be provided to be sure your expectations and deadlines are being met.


Ask About Our Plan Of Action & Milestones (POAM) Services

Readiness Review

When you feel you are ready for your certification, DataSoftNow can bring in a CMMC-AB Registered Practitioner (RP) to perform your Readiness Review. The RP will perform the documented process of cataloging and gathering all your practices and processes’ objective evidence and get it ready for your CMMC Assessor.

By having everything prepared and documented by one of our RP’s, we can make sure you have what you need to pass your CMMC Audit the first time, saving you time and money and reducing the final cost of your certification.

Contact Us for Your Readiness Review