The DCG team identifies your most serious gaps, shortfalls, and future challenges through the lens of the fourteen Cybersecurity Maturity Model Certification (CMMC) Domains. Conducted over the course of just three days, Quick-Look Assessments include a broad analysis of your information security processes, expert consultation time, and a report of findings designed to help you chart your path to compliance.
DCG documents where you are in your compliance journey, and articulates what must be done to bolster your existing information security processes. Gap Assessments can be performed in terms of the current Defense Federal Acquisition Regulations (DFAR) requirements, NIST 800-171, and/or the future Cybersecurity Maturity Model Certification (CMMC). Gap Assessments are conducted through the lens of Assessment Objectives. This week-long process also includes permanent access to DCG’s Basic Self-Assessment Tracker.
Basic Self-Assessments are a cornerstone of Cybersecurity Maturity Model Certification (CMMC) and the Defense Federal Acquisition Regulation Supplement (DFARS) 7019, and must be reported to the Supplier Performance Risk System (SPRS) on a triennial basis. However, we often find that the process can be challenging, especially for small and medium-sized businesses. The DCG team is available to support you throughout the preparation, execution, and documentation of your Basic Self-Assessment. We demystify the Self-Assessment process, and prevent inadvertent false claims, ensuring you are in the best position possible to pursue compliance.
Basic Self-Assessments are conducted on a variable timeline. They include a robust method of scoring against your goal certification, Plan of Action and Milestone (POA&M) development, and project list preparation, in addition to expert consulting services.
Basic Self-Assessment
As qualified Provisional Assessors who have studied the Cybersecurity Maturity Model Certification Assessment Process (CAP) since its first iteration, we are prepared to conduct your organization's Mock Assessment. Mock Assessments closely mimic true Defense Federal Acquisition Regulation Supplement (DFARS) and Cybersecurity Maturity Model Certification (CMMC) assessments. As the most comprehensive evaluation methodology available, Mock Assessments fully articulate your organization’s shortfalls at the level of individual information security Controls. At this stage, we not only report which requirements you have yet to satisfy, but why they are not addressed by your current system, and how to begin addressing all identified gaps.
Internal Audit Consulting
Large organizations often rely upon an Internal Audit process to verify compliance performance. However, Internal Audit Teams are often unfamiliar with granular information security requirements, such as FIPS-validated encryption. The new Cybersecurity Maturity Model Certification (CMMC) standard is highly technical, and will pose serious challenges to Internal Audit Teams and IT Departments alike. DCG offers consultation services which are tailored for Internal Audit professionals, and designed to prepare large operations to chart a course to compliance.
CISO as a Service
Allow us to take a leadership role in your security stack, or connect with us for occasional interactive consulting. As CISOs, DCG team members are available to provide responsive assistance and technical advice to your organization, helping you to implement essential information security systems and compliance mechanisms. CISO as a Service is offered at minimal cost, and to the extent that best fits your needs, from just a few hours of consulting, to daily engagement, to ongoing support.
DCG is prepared to help you chart a path to National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) compliance. Based upon the holistic philosophy of confidentiality, availability, and integrity (CIA), NIST CSF is a comprehensive cybersecurity framework ideal for organizations seeking improved information security.
Policy and Procedure Development
DCG's Cybersecurity Consultants and Technical Writers are available to support you in the development of your System Security Plan (SSP), policies, procedures, and other documentation essential to satisfying Cybersecurity Maturity Model Certification (CMMC) compliance.
Many information security projects are unique, and in today's fast-moving cyber landscape, they can quickly become unprecedented challenges. Whether you are working to introduce Incident Response exercises, design your Risk Process, or implement a new security tool, our experts can provide the hands-on help you need to go above and beyond compliant cybersecurity.