Cybersecurity Maturity Model
Certification (CMMC) support

Does your business rely on Department of Defense contracts?
We can help you prepare for CMMC compliance.

Remain a valued Department of Defense contractor

Our cybersecurity professionals have the experience and knowledge to help distill complex frameworks into specific actions. Like the Department of Defense (DOD), we understand the value and importance of small and medium-size suppliers and their unique cybersecurity situations. Our team of CMMC Accreditation Body Registered Practitioners (RP) will work directly with your organization to ensure you are prepared for your targeted CMMC level.

Need help to prepare for the CMMC assessment?
Contact us to get started.

Cybersecurity Maturity Model Certification (CMMC) Support Service

Consider who benefits

Contractors unsure of what they need to do to comply with the CMMC.

Contractors whose cybersecurity practices are lacking when compared to their desired CMMC level.

Contractors looking to show their commitment to cybersecurity by developing robust cybersecurity practices, processes, and management system(s).

Consider the benefits

Create a competitive advantage by complying with the CMMC before other contractors.

Determine the appropriate level of the CMMC based on your organization’s situation.

Identify gaps in your cybersecurity processes and practices relating to the targeted CMMC level.

Ensure your organization has the required cybersecurity practices in accordance with the CMMC.

Document your practices to better manage your cybersecurity risks and vulnerabilities.

How AGH can help you prepare for CMMC compliance

With the DOD transitioning to a more structured approach relying on the CMMC, AGH can help your organization identify gaps in your current practices compared to those in the CMMC. Whether your organization is relatively new to this area, or an experienced contractor, the CMMC presents risk to most contractors.

As a Registered Provider Organization™ (RPO), as designated by the CMMC Accreditation Body, and one of the first ones in Kansas, our Registered Practitioner can help your organization prepare for the CMMC. We begin with an introductory survey and meeting to better understand your cybersecurity practices. With that information, we work with key stakeholders in your organization (not just the IT team) to develop a comprehensive plan to ensure your organization meets the desired level of the CMMC.

For organizations seeking stronger cybersecurity, our professionals can help your organization obtain the compliance needed for higher-clearance contracts. Our professionals can help document your practices in accordance with the CMMC to help management develop a comprehensive plan to address cybersecurity risks and vulnerabilities.

Regardless of the targeted CMMC level, our process tends to follow these basic steps:

Determine the desired CMMC level based on past, current, and anticipated DOD contracts
Perform a preliminary assessment and review any security documentation
Identify and remediate gaps between current practices and those listed in the CMMC
Assist the organization in identifying next steps with the DOD to verify CMMC compliance.

Unsure where to start?
Contact our CMMC professionals today.

Brian Johnson technology services

Call us Email us Connect with us

Brian Johnson

Senior Vice President
Technology Services

Brian joined AGH in 1992. He leads the firm’s technology services practice where he helps clients achieve measurable performance improvements through the delivery of specialized, competency-based information systems management, assurance, and advisory services. He has extensive experience in information security, network engineering, and solution development, with recognized specializations in governance, risk, control, and related consulting services.

Brian is a member of ISACA (previously known as the Information Systems Audit and Control Association), the Kansas Society of Certified Public Accountants (KSCPA), the American Institute of Certified Public Accountants (AICPA), the AICPA’s Information Management and Technology Assurance (IMTA) Section, and the Association for Supply Chain Management (ASCM). He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), Certified Data Privacy Solutions Engineer (CDPSE), and Certified in Production and Inventory Management (CPIM).

Brian is also a Certified Public Accountant (CPA) and a graduate of Wichita State University, where he earned Master of Accountancy and Bachelor of Business Administration degrees.