Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.



411 University St, Seattle, USA


+1 -800-456-478-23

Are You Ready for CMMC?

As experienced CMMC compliance consultants, we not only complete documentation but also run continuous monitoring and develop IT infrastructure to maintain your compliance.

LDD Consulting helps companies meet the US Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) requirements.

We run through the high-level steps that are necessary for DoD contractors to achieve their required level of certification.

CMMC assessment is performed by individual assessors and accredited CMMC Third Party Assessment Organizations (C3PAOs). LDD is one of these. We enable businesses to work in a compliant manner by providing high-value custodial security of CUI, while minimizing interruptions to people, processes, and procedures.

The Background: NIST 800-171 vs CMMC

CMMC is a vehicle used by the US federal government to audit compliance with the NIST SP 800-171 regulation. DoD contractors have been expected to comply with this regulation since January 1, 2018.

However, the DoD has noted unacceptably low levels of compliance by the Defense Industrial Base (DIB) over the first two years, and established CMMC to remedy the slow progress. CMMC itself was released on January 31, 2020.

September 2020, DoD contractors must be certified at the relevant CMMC level to bid on Requests for Proposal (RFPs).

CMMC also applies to subcontractors.

The overall picture gets more complicated. For a start, NIST 800-171 requires compliance with both the Controlled Unclassified Information (CUI) and Non-Federal Organization (NFO) controls. CMMC focuses on CUI controls only.

Therefore, having a CMMC Level 1, 2, 3, 4 or 5 certification does not automatically mean your organization is compliant with NIST 800-171. This simple oversight can put your organization at risk of violating the False Claims Act (FCA) and shows why you need an experienced compliance consultant to make sure every last detail is covered.

Upcoming Revisions

The Pentagon is revising its CMMC program by significantly reducing the number of companies that require third-party assessments. It is also providing new waiver processes in specific areas.

The CMMC 2.0 revisions were announced in November 2021, but could take another two years to come into effect. They include consolidation of the current five CMMC certification levels down to three: foundational, advanced, and expert. The revisions will also help to cut red tape for small and medium-sized businesses (SMBs).

Nevertheless, meeting basic cyber hygiene standards and protecting controlled unclassified information (CUI) are now pre-contract award requirements. Verification must take place through an independent, on-site third-party audit.

Non-compliance means no contract and no revenue!

DFARS Interim Rule

The DFARS Interim Rule (in effect since December 2020) requires that contractors bidding on new DoD contracts must conduct self-assessments and report their results to the SPRS (Supplier Performance Risk System). The DFARS compliance checklist is used for this.

Clearly, boosting your company’s self-assessment score is vital if you want to win those contracts.

So how does this relate to CMMC? Remember that the first ‘M’ in CMMC stands for ‘Maturity.’ Companies must demonstrate that they’ve institutionalized the practices of CMMC compliance for months if they are serious about achieving certification.

LDD Consulting can help you quickly improve your level of cybersecurity — and substantially elevate your self-assessment score — by protecting CUI.

// contact details

Contact us

Give us a call or drop by anytime, we endeavour to answer all enquiries within 24 hours on business days. We will be happy to answer your questions.
Our Address:

LDD Consulting, Inc 2420 Midtown NE Ste K Albuquerque, NM 87107

Our Mailbox:


Our Phone:

505 792 2375

Book a 10-Minute Call to Discuss any Questions or Issues
Important! We hate spam as much (or more!) than you and promise to NEVER rent, share, or abuse your e-mail address and contact information in any way.

©2023. LDD Consulting, Inc. All Rights Reserved.