Skip to content
Edwards & CMMC   |  Training & Education   |   Consulting & Assessments   |   CMMC FAQ

Edwards & The CMMC Ecosystem

Edwards plays a role in nearly every aspect of the Cybersecurity Maturity Model Certification (CMMC) ecosystem — training and education, consulting, assessments, and certification. Currently, Edwards supports Organizations Seeking Certification (OSC) as a Registered Practitioner Organization (RPO) and authorized CMMC Third-Party Assessment Organization (C3PAO), providing The Cyber AB approved assessments, consulting, and audit preparation. We are also an Approved Training Provider (ATP) and Approved Partner Publisher (APP), developing training and providing The Cyber AB certified classes to organizations and individuals planning to take The Cyber AB certification exams or utilize APP curriculum. Check out our CMMC FAQ page for more in-depth answers to all your CMMC questions!

Our team of cybersecurity experts bring more than a half century’s worth of deep understanding and experience in assessing and interpreting standards, guidelines, and best practices to improve cybersecurity programs. These skills provide you with a diverse and knowledgeable team, making us the best choice for your CMMC needs.

Schedule A Meeting

Assessments

Edwards is an Authorized CMMC Third-Party Assessment Organization (C3PAO) with Certified CMMC Assessors on staff, ready to support your formal CMMC assessment. Contact Info@EdwPS.com today!

Consulting

Edwards is an RPO, but more importantly, our consultants are also CMMC Provisional Assessors. In fact, many of our consultants teach our CCP classes and developed our curriculum. Learn more.

Education

As an APP, Edwards developed the curriculum to train the assessment community using cybersecurity SMEs and ISDs. Our courses prepare individuals to do the job an OSC expects when they hire a CMMC Professional.

 

Training

As an ATP, Edwards uses our own renowned curriculum to train members of the OSC team, consultants, supporting organizations (e.g., MSPs), and of course the assessors themselves. View our courses.

 

CMMC QUICKFACTS

  • CMMC draws from NIST standards, the DoD, and the international security community; the framework focuses on implementing NIST SP 800-171 security safeguards for Controlled Unclassified Information (CUI)
  • One size does not fit all – different levels of security are necessary, depending on the contract and sensitivity of the data involved
  • CMMC is officially part of Title 32 CFR, effective December 16, 2024, with requirements expected to appear in contracts starting January 2025.
  • CMMC includes the entire DoD industrial base – approximately 300,000 contractors and subcontractors
  • Authorized Approved Partner Publishers (APPs) and Approved Training Providers (ATPs) offer certified training programs for organizations and individuals seeking to prepare for CMMC compliance
Learn More

What is CMMC 2.0?

The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for implementing cybersecurity across the defense industrial base. While the CMMC Standard was created for the Defense Supply Chain, there are many other government agencies and allies of the United States interested in using the CMMC Standard.

The standard is overseen by The Cyber AB. The Cyber AB establishes and oversees a qualified, trained, and high-fidelity community of consultants and assessors who can deliver consistent and informative assessments to participating organizations against a defined set of controls/best practices within the CMMC Program. The CMMC Model itself is created and managed by both The Cyber AB and the DoD.

CMMC is designed to

  • Safeguard sensitive information to enable and protect the warfighter
  • Dynamically enhance DIB cybersecurity to meet evolving threats
  • Ensure accountability while minimizing barriers to compliance with DoD requirements
  • Contribute toward instilling a collaborative culture of cybersecurity and cyber resilience
  • Maintain public trust through high professional and ethical standards

The CMMC Framework

The Cybersecurity Maturity Model Certification (CMMC) consolidates various cybersecurity standards and best practices, mapping these controls and processes across three certification levels that range from basic cyber hygiene to advanced practices. The level of certification an organization requires is determined by the type of information they handle and the work they are bidding on.

With the recent adoption of CMMC under Title 32 CFR, these requirements are now official and will begin appearing in statements of work starting January 2025. Preparing for compliance is more critical than ever, as high demand for formal assessments means you must be ready to pass the first time or risk delays—potentially forfeiting lucrative DoD contract opportunities. CMMC compliance will serve as a go/no-go decision gate at the time of contract award.

CMMC Success Story

How Harkins Builders Simplified CMMC Certification

Harkins Builders partnered with Edwards Performance Solutions to navigate the complexities of CMMC compliance. Through expert guidance, strategic tools, and collaborative planning, they achieved a streamlined path to certification.

Read the Full Story

CMMC EDUCATION & CERTIFICATION

Working towards self-attestation or formal certification within the CMMC ecosystem can be a daunting task for any organization. This is where training and education make a significant difference in understanding the CMMC framework, applying best practices, and effectively protecting sensitive information. A solid comprehension of the legal and regulatory guidance related to the Department of Defense’s (DoD) cybersecurity requirements is critical for success.

As The Cyber AB’s Approved Partner Publisher (APP) and Approved Training Provider (ATP), Edwards produces high-quality training materials for other ATPs and Organizations Seeking Certification (OSCs).

The Cyber AB’s Approved Training Materials (CATM) are developed by internal and external CMMC experts, combining real-world NIST assessment and consulting experience. Our sought-after CMMC courses and boot camps are led by Certified CMMC Instructors, respected leaders in the CMMC training ecosystem. Edwards’ instructional systems design approach, refined over 25+ years, ensures our curricula consistently set the standard for quality and professionalism.

Our online courses and accompanying materials are created and delivered by industry leaders. For those who prefer flexibility, our Guided Learning option combines self-paced study modules with live instructor-led study sessions, offering accessible ways to develop CMMC expertise. Additionally, we provide customized training solutions and discounts for multiple seat purchases—contact us to learn more!

The Cyber AB COURSES ARE IN Session!

Your CMMC certification journey begins with a solid foundation. The Cyber AB-approved 5-day CCP course and the Guided Learning CCP course provide a comprehensive look at the CMMC framework, preparing participants to excel as CMMC assessors, implementers, or consultants. With instruction led by our team of experienced Certified CMMC Instructors, participants gain a well-rounded understanding of CMMC standards and best practices.

Building on the CCP foundation, the 5-day CCA course deepens your knowledge of the CMMC model by taking the perspective of an actual assessment. Through multiple OSC scenarios that vary in size, locations, and system configurations (on-premises vs. hybrid), this course prepares participants for the CCA exam and equips them to contribute effectively to a C3PAO assessment team or to guide an organization through a successful Level 2 CMMC assessment.

Enroll in a session today or contact us to book a private class!

VIEW CURRENT COURSES

CMMC CONSULTING & ASSESSMENTS

To continue working with the government, organizations must either self-attest to NIST SP 800-171 safeguards at Level 1 or Level 2, or be certified at CMMC Level 2 or Level 3, depending on contract requirements. Many organizations, however, are unsure where to begin. The Cyber AB created the Registered Provider Organization (RPO) certification to help Organizations Seeking Certification (OSCs) confidently select consultants with verified expertise and knowledge of CMMC concepts. For official CMMC assessments, only Certified Third-Party Assessment Organizations (C3PAOs) are authorized to assess compliance with Level 1 and Level 2 security practices. If a government contract requires Level 3, a C3PAO assessment for Level 2 compliance is required prior to a DIBCAC Level 3 assessment.

As both an RPO and a C3PAO, Edwards is equipped to provide advisory CMMC Level 1 or Level 2 consulting services, including pre-certification assessments to develop a tailored CMMC action plan. While OSCs can work with an RPO or C3PAO to prepare for certification, the same C3PAO cannot be engaged for both pre-assessment consulting and the official CMMC assessment. All verified RPOs and C3PAOs are listed on The Cyber AB Marketplace. At Edwards, our mission is to guide DoD suppliers toward successful CMMC certification and support the maturity levels established by The Cyber AB.

Our team of cybersecurity experts brings over 50 years of combined experience in assessing and interpreting standards, guidelines, and best practices to improve cybersecurity programs. Edwards has conducted NIST SP 800-171 assessments since 2015 and was an early entrant into the CMMC ecosystem. We’re here to assist you every step of the way on your CMMC journey!

CMMC PREPARATION

Our targeted yet straightforward approach delivers big results while respecting your budget, timeline, and the needs of your key stakeholders. Each engagement is customized to fit your business requirements. We partner with you to ensure readiness for the formal CMMC assessment process. Where weaknesses or gaps are identified, we develop goal-oriented, impactful action plans that support compliance while driving positive outcomes for your organization.

Currently, Edwards offers CMMC Level 1 facilitated self-assessments, helping organizations calculate their Supplier Performance Risk System (SPRS) score by evaluating their systems against the NIST SP 800-171 framework. We also provide CMMC Level 2 preparation assessments, designed to help organizations prepare for the certification process.

Discover Edwards Performance Solutions

Tailored Expertise. Comprehensive Support.

Our consulting services include:

  • Data Flow Diagramming
  • Scoping
  • Full-Scale Gap Assessments
  • Remediation Planning and Road Mapping (i.e., POAMs)
  • Remediation Support

As the DoD releases additional guidance, Edwards continues to expand our service offerings to meet the evolving needs of the CMMC ecosystem. Contact us for more information and to learn how we can support your CMMC journey.

Let's Chat

- or -

CALL 443.561.1334

Want More?

Check out our other solutions – Performance ManagementTraining & Development, Organizational Resilience, and Cybersecurity.

BIG MONSTER PIECE OF PAPER

Enhancing project planning and develop a detailed work plan.

Learn More
  • Inputs
  • Tools, Ingredients, & Environment
  • PM Role
  • BMPP Advantages
  • BMPP Process
  • BMPP Summary