• Home
  • IT Risk Management & Compliance
    • CMMC Assessment & Preparation
    • NIST SP 800-171 / DFARS Compliance
    • FISMA Compliance
    • GDPR Compliance
  • Managed Cyber Security
  • Managed IT Services
  • Who We Are
    • Careers
  • Resources
    • CMMC 2.0 Updates Guide
    • CMMC News
    • CMMC Guide for DoD Contractors
    • NIST 800-171 Guide
    • DFARS Interim Rule Guide
    • DFARS Compliance Guide
    • FISMA Compliance Guide
  • Blog
  • Help Desk
  • Free Consultation
  • Contact Us

Support: 800-699-0925 Sales: 800-481-1984

SysArc

IT Company

  • Services
    • IT Risk Management & Compliance
      • Cybersecurity Maturity Model Certification (CMMC) Assessment & Preparation
      • NIST SP 800-171 / DFARS Compliance Solution
      • FISMA Compliance Solution
      • GDPR Compliance Solution
    • Microsoft GCC/GCC High Migration Services
    • Managed Cyber Security
    • Managed IT Service & Support
  • Who We Are
    • Careers
  • Resources
    • CMMC 2.0 Update Guide
    • CMMC News
    • CMMC Guide for DoD Contractors
    • NIST 800-171 Guide
    • DFARS Interim Rule Guide
    • DFARS Compliance Guide
    • FISMA Compliance Guide
  • Blog
  • Help Desk
  • Free Consultation

CASE STUDY

DFARS Compliance & CMMC Preparation for Large Prime Contractor

SysArc helped one manufacturing firm and its subsidiaries completely renew their technology and prepare for CMMC audits through proactive planning.

Note: The name of this company has been omitted for confidentiality.

Problems

One large, well-known Department of Defense (DoD) contractor of about 2500 employees needed help becoming DFARS compliant. This company is a multinational manufacturer with subsidiaries in the US that have contracts with the DoD.

When they teamed up with SysArc, this manufacturer and its subsidiaries needed help reaching full compliance with DoD cybersecurity standards, including DFARS 252.204-7012 and NIST 800-171. They also needed an overall boost in their cybersecurity to remain protected from cyber threats.

As CMMC updates are enacted, they have also required assistance preparing for future CMMC audits, and SysArc has assisted every step of the way in our role as their fractional Cybersecurity Program Manager.


Solutions

Subsidiary 1: The first step in this organization’s process was to conduct an CMMC/DFARS assessment. This firm had immense compliance gaps. They were out of date with their technology in general, not up to date with required DFARS regulations, and their information was not secure; in fact, they had recently suffered a major breach. They asked us to complete a network refresh of their entire infrastructure.

We assist our clients by conducting an assessment, giving results, then planning for remediation to mitigate compliance gaps. In this case, we were extremely involved in the remediation phase. SysArc implemented a complete network refresh and server hardening project to get their technology, processes, and security up to date.

Subsidiaries 2 & 3: The main hurdle of the next two subsidiaries was that due to the nature of their contracts, these firms are anticipating that they will require a CMMC Level 3 certification in 2021.

They had already begun completing remediation on their own, but they hired SysArc as their CMMC consultant to maintain security standards and ensure they’re in compliance through their CMMC certification. This included completing an assessment, overseeing remediation, and collecting evidence along the way to provide auditors proof of maturity and cybersecurity compliance.

We helped them create a compliance calendar that included such items as a re-assessment  against the NIST 800-171 in order to provide an updated score to be entered into the SPRS database, collecting/storing evidence for the audit, updating their SSP and POA&M, etc. 

Although CMMC updates are still being rolled out, SysArc has proactively continued to aid this company in its preparation by setting a target date by which their CMMC certification will be completed, creating a plan to achieve that goal, managing their project portfolio, collecting all evidence needed for CMMC audits, and more.


Results

Thanks to Sysarc’s timely, knowledgeable services, these firms are now much more secure overall and very well prepared for a potential CMMC audit in 2021.

In the case of the first subsidiary, a complete network refresh enabled them to mitigate NIST 800-171 and DFARS 252.204-7012 compliance gaps. Their newly updated systems are designed to proactively prevent breaches, giving them optimal security.

The second and third subsidiaries received our dedicated attention when time-sensitive CMMC updates were released, which allowed them to rapidly implement Interim Rule requirements and prepare for future audits with no interruption to their business.

All three organizations received, and continue to receive, the invaluable benefit of advanced security against all cyber threats to their businesses, from ransomware to IP theft and more.

With our help, these companies have tightened security against potential threats and crossed every hurdle they’ve been asked to pass so far, putting them in the best position for CMMC audits and future changes.


SysArc has helped over 1,000 DoD contractors throughout the U.S. navigate the complexities of DFARS, NIST 800-171, and now CMMC. Through our many experiences, we’ve fine-tuned several solutions that enable our clients to prepare to achieve compliance faster and at a lower cost compared to other solutions that have been popping up in the market recently.

Not ready for an assessment? Read our detailed Preparation Guide to CMMC, or visit our CMMC News section for the latest news an updates from the CMMC accreditation Body.

12300 Twinbrook Pkwy
Suite 500
Rockville, MD 20852

Sales: 800-481-1984

Customer Support: 800-699-0925 ext. 1

Quick Contact

Contact Us

CMMC RPO Badge

Navigation

  • Home
  • Services
  • Who We Are
  • Help Desk
  • Blog
  • Case Studies
  • Free Consultation
  • Careers
  • Contact Us

Follow Us

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Latest Tweets

Tweets by @https://twitter.com/sysarcinc

Latest Posts

Do DoD Contractors Need Microsoft GCC/GCC High for DFARS, CMMC or ITAR?

What’s the Difference Between Microsoft 365 GCC and GCC High?

What is Microsoft GCC & GCC High? A Guide for DoD Contractors

SysArc Sponsoring & Exhibiting at The National Cyber Summit 2022

Why CMMC Compliance Is About More Than Just Protecting National Security

Pentagon Official Offers Insights into CMMC Timeline & Rollout

SysArc © 2023. All Rights Reserved. Powered by Lemonade Stand. | Privacy Policy

Are Your Resources Constrained Prepping for NIST 800-171 and CMMC?

SysArc can reduce the burden on your compliance team by outsourcing some of the steps to our team of experts.


Large and Mid-Size DoD Primes are working with SysArc experts on:

  • • Readiness Assessments
  • • SSP Creation
  • • POAM Remediation
  • • Program Oversight & Management
  • • Policies and Procedures Development
  • • GCC High Migrations
  • • Post M&A Integrations
  • • Network Hardening
  • • MFA Implementation and more

 

As a CMMC RPO with years of experience in DoD supply chain risk management, SysArc is able to solve some of the more challenging compliance problems.

Get Started Now:

Call: (866) 583-6946 Schedule a CMMC/DFARS Consultation