Coalfire Federal has been certified by the accreditation body of the Department of Defense's Cybersecurity Maturity Model Certification program to conduct audits to determine compliance of defense contractors with mandatory cybersecurity standards set by the Pentagon.
The designation as CMMC Third-Party Assessment Organization was made after selected Coalfire Federal employees received training from the CMMC Accreditation Body and were named as provisional assessors for the certification program, the company said Tuesday.
Coalfire Federal was also certified as a CMMC Registered Practitioner Organization, allowing the company to offer advisory services across the defense industrial base to help contractors prepare to meet CMMC certification levels for security posture or maturity based on the sensitivity of the information handled by the companies.
DOD aims to address unauthorized access and theft of controlled unclassified information through the CMMC program.
"We expect there will be lessons learned about the implementation and verification of CMMC practices and processes during the inaugural audits of 1,500 Pathfinder companies that will be performed in 2021," said Bill Malone, president of Coalfire Federal.
Aside from the CMMC-AB approval, the company has certification from the General Services Administration to perform audits as part of the Federal Risk and Authorization Management Program, which standardizes approach to assessing security of cloud products and services.