Go to Top

CMMC Quick Look Assessment

The Department of Defense (DoD) released the Cybersecurity Maturity Model Certification (CMMC), Version 1.0. To continue work with the government, companies must be certified at an appropriate level of maturity against the CMMC. But, many companies need help determining where to start.

Our quick look approach is designed to be affordable and provide you with exactly what you need to do in preparation for a CMMC audit, through four steps. At this time, Edwards offers a Level 1, Level 3, and Facilitated Quick Look at Level 1 or Level 3 option with varying levels of consulting support. Edwards will continue to increase our offerings as the DoD provides more CMMC compliance information.



Security Governance as a Service

Security as a Service is an increasingly go-to option among enterprises to add value to the management, implementation, and oversight of cybersecurity complexities. Our in-house cyber team brings decades of security program, CISO, penetration testing, and assessment experience.

We utilize a “Governance” model to guide and manage the full cybersecurity picture, specific to your organization. We also provide reporting through dashboards, delivering strategic insight into the health and maturity of your program throughout its lifecycle.

CSF Quick Look Assessment

Cybersecurity should support your desired business outcomes while helping to protect the overall business. The NIST Cybersecurity Framework (CSF) provides a holistic program model with a strategic lifecycle view of your management of risk.

Our assessments use the CSF to get you started in the right direction. Our quick look approach is designed to be affordable and provide you with exactly what you need to do to improve your cybersecurity posture, with four easy steps. Edwards offers a Basic, Standard, and Facilitated Quick Look option with varying levels of consulting support.

                                                                                                                                                              LEARN MORE ›

Risk Management as a Service

Risk management requires a continuous process of assessing, monitoring, and mitigating potential threats. Edwards’ approach develops a baseline of your organization, with further updates to mature our understanding of your business risk. Risk Management as a Service (RMaaS) provides risk assessment, compliance assessment, and cybersecurity risk management services, tailored for your business and organizational needs, including:

Continuous Security Risk Assessment services (compliance oriented)Continuous vulnerability analysis and penetration testing

Security Project Planning and Monitoring (Plan of Action and Milestone [POAM] Management)

Enterprise-wide Security Program Maturity Assessment and Dashboard Management

Vendor Risk Management

Risk management requires a continuous process, but ensures consistent processes and makes onboarding additional systems more efficient and cost effective. Helping you achieve business goals and reduces your risk posture for continued success.

Penetration Testing & Vulnerability Assessments

The majority of security attacks are not targeted − cybercriminals pursue vulnerabilities. Continuous Assessment – Offensive Services (CAOS) provides a real-time approach to penetration testing and vulnerability management.

Our in-house Senior Penetration Tester mirrors the cadence of actual cybersecurity attacks through proven campaigns, operations, and tasks. While CAOS is designed as a continuous assessment, we also offer point-in-time assessments and phishing campaigns as an additional attack vector.

Vendor Risk Management

Vendors are part of your business success, but also present a risk that must be understood and managed to protect your business information. However, a complete third party risk assessment is often time consuming and costly; leaving many third parties as an unknown business risk.

Edwards’ Vendor Risk Management (VRM) approach provides a platform distributes security assessments streamlining data collection, tracking, and remediation when sharing sensitive data with third parties. Our team of cybersecurity experts works with you to ensure your VRM process is best suited for your business needs and matured over time, as required.

Compliance Assessments

Compliance Assessments provide a baseline of information systems and assets to identify organizational risks. Our assessments (HIPAA, CMMC, NIST, DFARS, etc.) uncover the gaps to help you understand your risk posture and management strategies – establishing a plan of action based on business needs. We identify the information and processes critical to your success, and determine your risk tolerances. The result is meaningful artifacts, to accomplish corporate objectives. Our assessments also consider regulatory, compliance, and industry best practices. Our standards-based methodology focuses on assessment and risk mitigation at the enterprise and individual systems level.


Edwards helps you build a business focused cybersecurity program – continuing to support that program throughout management and governance. CyberPMO® is a proprietary solution, providing a way for CISOs and the Security Team to quell the daily “fire drill.”

With a Project Management Office (PMO) underpinning, CyberPMO provides a roadmap to develop and refine a strategically oriented, business focused information security program. We approach security from every angle, ensuring our solution addresses Risk, Compliance, Policy, Security Project, and Vulnerability Management.