CMMC Solutions: Oversight & Assurance

Clarity of thought, built over 100 years of international experience

CMMC Europe is a group of experienced and qualified partners in cybersecurity, cyber risk management, legal, consulting and executive placement who provide organisations with advisory services for the design and delivery of CMMC compliance, cyber risk management, cybersecurity oversight and assurance, and organisational design.

We have all held senior leadership positions and are experienced in board advisory and educating boards in cybersecurity, delivering executive governance, oversight and assurance. Andy, the founding partner, has delivered cybersecurity and cyber risk management strategy, board governance and oversight to executive leadership teams across a range of industry sectors, and works as an expert witness specialising in cyber security and risk with Government agencies. He is a Chartered Security Professional (CSyP) and CSyP assessor, one of only 2 professional qualifications recognised by the UK's Centre for the Protection of National Infrastructure (CPNI). He holds a place on the UK's Register of Chartered Security Professionals and is an Associate of the Academy of Experts.

CMMC Oversight & Assurance

Current FAR (48 CFR 52.204-21) and DFARS (48 CFR § 252.204-7012) requirements apply to organisations and agencies who supply services to Federal and non-federal agencies. They require the implementation of cyber security practices including NIST 800-171 (r2). If and when the additional CMMC changes are added to DFARS regulations, they will add requirements for independent accreditation of organisations, assuring that the appropriate CMMC practices for the Level (1-5) defined by the DoD have been applied prior to the commencement of contract fulfilment for DoD contracts.

We work with corporates and government clients, providing oversight and assurance of existing data protection, cybersecurity and cyber risk management programmes, including:

  • The oversight and assurance of data security programmes including GDPR, CCPA, FCI & CUI.
  • Cyber capability reviews and organisational design.
  • Cyber practice & control assurance (ISO 27001, NIST 800-171r2).
  • Cyber risk oversight and assurance.
  • Cyber incident assessment and expert witness.