C3PAO - Certified Third-Party Assessor Organization

DataSoftNow is an Authorized CMMC - Certified Third-Party Assessor Organization (C3PAO)

DataSoftNow, Inc. is authorized to begin contracting for CMMC Assessments (Level 2) with companies and organizations seeking CMMC certifications.

Until the completion of the Federal rulemaking DataSoftNow is authorized to participate in the Joint Surveillance Voluntary Assessments Program in partnership with the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC).


DoD - Joint Surveillance Voluntary Assessments Program

 

Serving the New York Tri-State Area and beyond.

The Joint Surveillance Voluntary Assessment allows voluntary assessments to start and then be converted into a three-year CMMC certification when the rulemaking goes into effect. The Pentagon’s Cybersecurity Maturity Model Certification program is overseen by the Office of the DOD CIO and supported by DCMA’s Defense Industrial Base Cybersecurity Assessment Center when it comes to the actual assessments.

The DIBCAC was “given the authority and responsibility to do assessments” based on the 2020 interim final rule that established the CMMC program and inserted the 7019 and 7020 clauses in the Defense Acquisition Regulation Supplement, according to CMMC director Stacy Bostjanick.

 


Readiness to schedule a Joint Surveillance Voluntary Assessment

  • A prerequisite to the Joint Surveillance Voluntary Assessment
    • Current contract with the DoD of a Prime Contractor.
    • Contract the assessment with an authorized C3PAO.
      • Perform and confirm readiness review to determine if you are ready.
  • C3PAO will coordinate with the Cyber AB and schedule the Joint Surveillance Voluntary Assessment with the DIBCAC.
  • DIBCAC determines the priority based on your contracts and schedules the assessment with the C3PAO

To learn more about the a CMMC 2.0 Level 2 Assessment Certification and the Joint Surveillance Voluntary Assessments Program Contact Us .