CMMC 2.0 Gap Assessment

Edwards Performance Solutions (Edwards) proposes conducting a gap assessment against NIST 800-171 using the NIST SP 800-171 DoD Assessment Methodology and CMMC Assessment Guide Level 2. This assessment will result in an assessment score in the format needed for posting in SPRS, a gap assessment and a POA&M.
Edwards gap assessment report not only shows you what you will need to do to pass a formal assessment platform but also provides suggested project line items that will become your POA&M.

Our comprehensive assessments provide a blueprint to help you target, prioritize, and address vulnerabilities, while managing ongoing cybersecurity risks. We assess your organizational information security program using the following steps:
• Assess shared infrastructure (e.g., boundary protection, network security controls, intrusion prevention and detection systems) and services common (e.g., Human Resource processes, Corporate Policies and Procedures) to all systems
• Assess the security implementation of the systems through:
 Existing documentation review
 Interviews with personnel
 Observation of system controls
• Record observations:
 Capture observations for each control that describe how it is currently met or not met

 Determine if the current implementation satisfies the 800-171 control and the Assessment Objectives
 Provide a gap analysis for controls that are not fully satisfied
All this analysis will be captured and cataloged in the assessment report.

FutureFeed Partner Status:
Partnership Pending
Provider Type:
Candidate C3PAO
Authorized C3PAO
RPs (Registered Practioners): 8
PAs (Provisional Assessors): 4
CCPs (Certified Professionals): 0

Public discussion (0)

You must log in to send a new comment.