Regola Cyber can help your organization assess current implementation of cybersecurity controls and improve compliance with United States Department of War regulations in preparation for an audit. We have experience with NIST 800-171 audits, DFARS 252.204-7012 compliance, the Cybersecurity Maturity Model Certification (CMMC) framework and NIST 800-53. In February 2021, our application to become a CMMC Third Party Assessor Organization™ was accepted as one of the first 75 listings and we have been involved with the CMMC ecosystem since that time. We are currently an authorized C3PAO (see The Cyber-AB Ecosystem).
Formal Assessment Leading to CMMC L2 Certification
Our team of highly qualified CCAs with extensive federal experience conduct your CMMC L2 Assessment through a combination of on-site visits and virtual meetings. When you contract with Regola Cyber for your assessment, you’ll receive a comprehensive assessment evidence request list which allows your team to organize its assessment evidence to submit to the team before the start of your live assessment. Assessors use a combination of personnel interviews, review of evidence, and tests of the Information System to assess your organization’s compliance with the 110 CMMC L2 controls. At the conclusion of the assessment, our team will complete all of the required reporting. If you’ve scored that 110/110, you’ll receive a certificate. And if you miss the mark and need to close out any plans of action and milestones (POA&Ms), we will work with you to schedule a POA&M closeout within the 180-day window at the end of the assessment.
Mock Assessment
If you aren’t ready for a formal assessment today, we recommend booking a Mock Assessment. In a mock assessment, Regola Cyber assessors evaluate your team’s readiness for formal assessment by following the formal assessment process and providing a report explaining the determination for each control assessed. This mock assessment allows your organization to recognize any gaps in preparation before a CMMC certification assessment. Mock assessment does not include consulting*. Our partial mock assessment includes a subset of the requirements if you are looking for a spot check at reduced cost over assessing the full 110 CMMC controls. When Regola Cyber conducts a mock assessment for you, we will make every effort to assign the same team of assessors for your formal assessment, if requested.
Official CMMC L2 certification assessments (i.e. an assessment that results in the issuance of a CMMC Certificate) are now available. Contact us to be among the first to get news from Regola Cyber concerning CMMC assessment availability at: [email protected].

Please note that in compliance with CMMC-AB/Cyber-AB guidelines, Regola Consulting, Inc. DBA Regola Cyber will not perform an assessment and compliance consultation for the same company within a three (3) year period.