Edwards & The CMMC Ecosystem
Edwards plays a role in nearly every aspect of the Cybersecurity Maturity Model Certification (CMMC) ecosystem — training and education, consulting, assessments, and certification. Currently, Edwards supports Organizations Seeking Certification (OSC) as a Registered Practitioner Organization (RPO) and authorized CMMC Third-Party Assessment Organization (C3PAO), providing The Cyber AB approved assessments, consulting, and audit preparation. We are also an Approved Training Provider (ATP) and Approved Partner Publisher (APP), developing training and providing The Cyber AB certified classes to organizations and individuals planning to take The Cyber AB certification exams or utilize APP curriculum. Check out our CMMC FAQ page for more in-depth answers to all your CMMC questions!
Our team of cybersecurity experts bring more than a half century’s worth of deep understanding and experience in assessing and interpreting standards, guidelines, and best practices to improve cybersecurity programs. These skills provide you with a diverse and knowledgeable team, making us the best choice for your CMMC needs.
Assessments
Edwards is an Authorized CMMC Third-Party Assessment Organization (C3PAO) with Certified CMMC Assessors on staff, ready to support your formal CMMC assessment. Contact Info@EdwPS.com today!
Consulting
Edwards is an RPO, but more importantly, our consultants are also CMMC Provisional Assessors. In fact, many of our consultants teach our CCP classes and developed our curriculum. Learn more.
Education
As an APP, Edwards developed the curriculum to train the assessment community using cybersecurity SMEs and ISDs. Our courses prepare individuals to do the job an OSC expects when they hire a CMMC Professional.
Training
As an ATP, Edwards uses our own renowned curriculum to train members of the OSC team, consultants, supporting organizations (e.g., MSPs), and of course the assessors themselves. View our courses.
The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for implementing cybersecurity across the defense industrial base. While the CMMC Standard was created for the Defense Supply Chain, there are many other government agencies and allies of the United States interested in using the CMMC Standard.
The standard is overseen by The Cyber AB. The Cyber AB establishes and oversees a qualified, trained, and high-fidelity community of consultants and assessors who can deliver consistent and informative assessments to participating organizations against a defined set of controls/best practices within the CMMC Program. The CMMC Model itself is created and managed by both The Cyber AB and the DoD. CMMC is designed to:
• Safeguard sensitive information to enable and protect the warfighter
• Dynamically enhance DIB cybersecurity to meet evolving threats
• Ensure accountability while minimizing barriers to compliance with DoD requirements
• Contribute toward instilling a collaborative culture of cybersecurity and cyber resilience
• Maintain public trust through high professional and ethical standards
The CMMC Framework
The Cybersecurity Maturity Model Certification (CMMC) consolidates various cybersecurity standards and best practices, mapping these controls and processes across three certification levels that range from basic cyber hygiene to advanced practices. The level of certification an organization requires is determined by the type of information they handle and the work they are bidding on.
With the recent adoption of CMMC under Title 32 CFR, these requirements are now official and will begin appearing in statements of work starting January 2025. Preparing for compliance is more critical than ever, as high demand for formal assessments means you must be ready to pass the first time or risk delays—potentially forfeiting lucrative DoD contract opportunities. CMMC compliance will serve as a go/no-go decision gate at the time of contract award.
Click to enlarge
CMMC QUICK FACTS
✅ CMMC draws from NIST standards, the DoD, and the international security community; the framework focuses on implementing NIST SP 800-171 security safeguards for Controlled Unclassified Information (CUI)
✅ One size does not fit all – different levels of security are necessary, depending on the contract and sensitivity of the data involved
✅ CMMC is officially part of Title 32 CFR, effective December 16, 2024, with requirements expected to appear in contracts starting January 2025.
✅ CMMC includes the entire DoD industrial base – approximately 300,000 contractors and subcontractors
✅ Authorized Approved Partner Publishers (APPs) and Approved Training Providers (ATPs) offer certified training programs for organizations and individuals seeking to prepare for CMMC compliance
Working towards self-attestation or formal certification within the CMMC ecosystem can be a daunting task for any organization. This is where training and education make a significant difference in understanding the CMMC framework, applying best practices, and effectively protecting sensitive information. A solid comprehension of the legal and regulatory guidance related to the Department of Defense’s (DoD) cybersecurity requirements is critical for success.
As The Cyber AB’s Approved Partner Publisher (APP) and Approved Training Provider (ATP), Edwards produces high-quality training materials for other ATPs and Organizations Seeking Certification (OSCs).
The Cyber AB’s Approved Training Materials (CATM) are developed by internal and external CMMC experts, combining real-world NIST assessment and consulting experience. Our sought-after CMMC courses and boot camps are led by Certified CMMC Instructors, respected leaders in the CMMC training ecosystem. Edwards’ instructional systems design approach, refined over 25+ years, ensures our curricula consistently set the standard for quality and professionalism.
Our online courses and accompanying materials are created and delivered by industry leaders. For those who prefer flexibility, our Guided Learning option combines self-paced study modules with live instructor-led study sessions, offering accessible ways to develop CMMC expertise. Additionally, we provide customized training solutions and discounts for multiple seat purchases—contact us to learn more!
The Cyber AB COURSES ARE IN Session!
Your CMMC certification journey begins with a solid foundation. The Cyber AB-approved 5-day CCP course and the Guided Learning CCP course provide a comprehensive look at the CMMC framework, preparing participants to excel as CMMC assessors, implementers, or consultants. With instruction led by our team of experienced Certified CMMC Instructors, participants gain a well-rounded understanding of CMMC standards and best practices.
Building on the CCP foundation, the 5-day CCA course deepens your knowledge of the CMMC model by taking the perspective of an actual assessment. Through multiple OSC scenarios that vary in size, locations, and system configurations (on-premises vs. hybrid), this course prepares participants for the CCA exam and equips them to contribute effectively to a C3PAO assessment team or to guide an organization through a successful Level 2 CMMC assessment.
Enroll in a session today or contact us to book a private class!
To continue working with the government, organizations must either self-attest to NIST SP 800-171 safeguards at Level 1 or Level 2, or be certified at CMMC Level 2 or Level 3, depending on contract requirements. Many organizations, however, are unsure where to begin. The Cyber AB created the Registered Provider Organization (RPO) certification to help Organizations Seeking Certification (OSCs) confidently select consultants with verified expertise and knowledge of CMMC concepts. For official CMMC assessments, only Certified Third-Party Assessment Organizations (C3PAOs) are authorized to assess compliance with Level 1 and Level 2 security practices. If a government contract requires Level 3, a C3PAO assessment for Level 2 compliance is required prior to a DIBCAC Level 3 assessment.
As both an RPO and a C3PAO, Edwards is equipped to provide advisory CMMC Level 1 or Level 2 consulting services, including pre-certification assessments to develop a tailored CMMC action plan. While OSCs can work with an RPO or C3PAO to prepare for certification, the same C3PAO cannot be engaged for both pre-assessment consulting and the official CMMC assessment. All verified RPOs and C3PAOs are listed on The Cyber AB Marketplace. At Edwards, our mission is to guide DoD suppliers toward successful CMMC certification and support the maturity levels established by The Cyber AB.
Our team of cybersecurity experts brings over 50 years of combined experience in assessing and interpreting standards, guidelines, and best practices to improve cybersecurity programs. Edwards has conducted NIST SP 800-171 assessments since 2015 and was an early entrant into the CMMC ecosystem. We’re here to assist you every step of the way on your CMMC journey!
CMMC PREPARATION
Our targeted yet straightforward approach delivers big results while respecting your budget, timeline, and the needs of your key stakeholders. Each engagement is customized to fit your business requirements. We partner with you to ensure readiness for the formal CMMC assessment process. Where weaknesses or gaps are identified, we develop goal-oriented, impactful action plans that support compliance while driving positive outcomes for your organization.
Currently, Edwards offers CMMC Level 1 facilitated self-assessments, helping organizations calculate their Supplier Performance Risk System (SPRS) score by evaluating their systems against the NIST SP 800-171 framework. We also provide CMMC Level 2 preparation assessments, designed to help organizations prepare for the certification process.
Our consulting services include:
- Data Flow Diagramming
- Scoping
- Full-Scale Gap Assessments
- Remediation Planning and Road Mapping (i.e., POAMs)
- Remediation Support
As the DoD releases additional guidance, Edwards continues to expand our service offerings to meet the evolving needs of the CMMC ecosystem. Contact us at Info@EdwPS.com for more information and to learn how we can support your CMMC journey.
Want More?
Check out our other solutions – Enterprise Management, IT Solutions, Training & Development, and Cybersecurity.
INTERESTED IN MORE CMMC RESOURCES?
Learn to meet cybersecurity business goals and organizational priorities, while connecting with the best in the business.