GiaSpace has been following the DoD and the CMMC-AB over the past year developing and redefining guidelines for DoD Contractors with regards to Cyber Security. For years NIST 800-171 based policy and procedure templates were filled out and stored on a fileserver, dusted off only when needed for a pending or awarded contract or an on the spot audit. The DoD realizing this type of self-governing was not effective and that the governing systems needed to adapt to address the current threats in the supply chains. Over the next 5 years, most DoD Contractors that are awarded contracts will need to be a minimum of ML1 and others ML3 depending on the FCI/CUI that their awarded contract will require.
With all the confusing information on the internet and no clear direction, GiaSpace can help guide companies to achieve the Level needed and maintain compliance. Be careful there are Large companies making bold statements with ridiculous pricing associated. The CMMC-AB Certification was not created to cause an unnecessary financial burden, rather much needed structure in regards to Cyber Security.