BTI is a CMMC-AB accredited C3PAO. Any organization planning to achieve CMMC certification at any level must work with a C3PAO to be assessed at a CMMC level.
We offer two levels of CMMC assessments:
- Gap analysis, to help your organization prepare for a CMMC assessment.
- Formal CMMC assessment.
Since all formal CMMC assessments–at any level–are pass/fail and failure to satisfy even a single CMMC clause results in failure, we strongly recommend conducting a gap analysis before proceeding with an assessment. A gap analysis covers all the details of a CMMC assessment itself off-the-record in order to help your organization assess your readiness to proceed and repair any deficiencies.
BTI’s CMMC assessment delivers the following services:
- CMMC scope analysis: to achieve your CMMC-related business objectives, what needs to be included in the assessment scope, including organization components, lines of business, locations, programs, personnel, policies, systems, and processes?
- Assessment planning and schedule.
- Evidence matrix to be used in efficiently collecting and preparing assessment artifacts and testimony.
- Assessment methodology training, if the assessment requires a team.
- Assessment (gap or formal).
- Post-assessment diagnostic.
- CMMC Level credentials (formal assessment only)
In addition to assessment services, BTI also offers offer a complete range of CMMC services including:
- CMMC policy and supporting documentation development, implementation, and compliance consulting.
Fundamental to BTI’s approach is the idea that information technology security must be integrated into and support of the organization’s goals. Failing to be secure makes an organization vulnerable to anyone inside or outside of the organization who wants to attack, discredit, or steal from the organization. But security cannot overwhelm the organization’s business or mission goals without depriving the organization for its reason for existence. BTI’s mission is to help your organization excel in achieving its security compliance goals and business and mission goals.