A-LIGN Announces C3PAO Authorization, Provides CMMC Certifications Key to DoD Contracts

Share Article

A-LIGN is among the first C3PAOs and RPOs guiding companies through the evolving CMMC audit and certification process so they can win more business in the growing federal space.

News Image
“This regulation will play a critical role in our national security, and A-LIGN is honored to be among the first firms to receive C3PAO status,” said Tony Bai, Federal Practice Lead at A-LIGN

A-LIGN, a leading security and compliance provider, is among the first firms to become an accredited Cybersecurity Maturity Model Certification (CMMC) Third-Party Assessment Organization (C3PAO) and Registered Provider Organization (RPO). This allows A-LIGN to help organizations conduct business with the DoD by offering a variety of services including scoping, gap assessments, remediation analysis and documentation services, all in the spirit of identifying and mitigating cybersecurity risks critical for national security.

CMMC is a DoD standard created to protect controlled unclassified information (CUI). The certification is designed to manage critical risks in the federal supply chain caused by contractors in the defense industrial base (DIB) that lack sufficient cybersecurity controls or effective processes.

“This regulation will play a critical role in our national security, and A-LIGN is honored to be among the first firms to receive C3PAO status and guide clients through the certification process as a step toward establishing trust and winning more business with the Federal Government,” said Tony Bai, Federal Practice Lead at A-LIGN. “A-LIGN’s breadth of experience with FedRAMP, FISMA and NIST 800-53 positions us to confidently offer CMMC services to organizations looking to grow their business in the federal space and make this certification process as seamless as possible for clients.”

Developed in response to a significant increase in national security compromises of sensitive information located on contractors’ information systems, CMMC will not only ensure that specific standards are met, but that suppliers can demonstrate evidence of a strong cybersecurity strategy.

As a Registered Practitioner Organization (RPO), A-LIGN can also offer advisory services and perform readiness assessments as details around CMMC continue to be finalized. The official C3PAO authorization from the Accreditation Body allows A-LIGN to help organizations looking to do business with the DoD by building upon existing regulations, verifying they comply with various levels of cybersecurity maturity, and giving assurance that proper controls are in place to protect CUI.

Select contracts will require CMMC certification as soon as the end of 2021, with all new contracts requiring it by 2026. A-LIGN is prepared to guide organizations of all sizes and complexity through the CMMC certification process.

For more information about CMMC and A-LIGN’s Federal Compliance services, visit https://a-lign.com/cmmc.

About A-LIGN

A-LIGN uniquely delivers a single-provider approach as a HITRUST CSF Assessor firm, Qualified Security Assessor Company, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, accredited FedRAMP 3PAO, accredited CMMC C3PAO and licensed CPA firm. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. For more information, visit http://www.A-LIGN.com.

Media Contact

Allie Spurrier

Corporate Communications

(888) 702-5446 x623


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Allie Spurrier
+1 (888) 702-5446 Ext: 623
Email >
Follow >
Visit website