An NSF International subsidiary has received approval from the Cybersecurity Maturity Model Certification Accreditation Body to serve as one of the program's third-party assessment organizations that can perform audit work for potential Department of Defense contractors.
NSF International Strategic Registrations will offer services intended to ensure that aerospace, defense, technology, software companies meet DOD's criteria for protecting controlled unclassified information before pursuing contracts, the nonprofit organization said Thursday.
NSF-ISR expects commercial assessments under the CMMC program to begin this spring.
The certified 3PAO designation comes after Tony Giles, business lead for information security at NSF-ISR, secured authorization to serve as a CMMC provisional assessor.
Rhia Dancel, an NSF-ISR technical manager, has been designated as a CMMC registered practitioner.
Jennifer Morecraft, senior managing director at NSF-ISR, said the company is honored to become one of the initial C3PAOs that will work to assess compliance in securing unclassified information involving assets like simulation software and aircraft components.
NSF-ISR also provides International Organization for Standardization and National Institute of Standards and Technology certification as well as other authorizations for management systems.