Highground Cyber

Assessments

01

Information Scoping Assessment

How it Works

Highground Cyber works top-down to solve the scope problem. We orient ourselves with your business by focusing on what you do, for whom you do it, and how you do it. We comb through the details, finding and examining the contracts you have with the federal government and its prime contractors. We interview the various business units who have a hand in delivering your goods and services under those contracts, bringing a certified expert's understanding of CUI to each conversation along with decades of business analyst experience. With these, we map all connections between your workflows and assets, which is foundational to setting scope. This process is the only escape from a circular scoping problem, and with it, we accurately capture the people, technologies, and facilities that comprise your true CUI security domain.

What You Get

  • A Comprehensive Process Review
  • A CUI Discovery & Workbook Exercise
  • Defined Asset Inventories & Classifications
  • Defined CUI Security Domains

What Others are Saying

"Getting your CUI scoping right is a real challenge. Our internal efforts initially failed because neither the IT or business unit functions had a proper understanding of what CUI is and when we received it or when we generated it in our workflows... The Highground CUI Scoping assessment put us on a path to success."
- Matt Bergman, Director of IT at Spacesaver

02

Implementation Gap Assessment

How it Works

The implementation gap assessment focuses on identifying the CMMC practices you are not currently addressing with the controls you have in place - whatever they may be. Unlike our CMMC readiness assessment, our gap assessment is not about gathering evidence that you are meeting assessment objectives; it aims to identify what additional security controls you will need to put in place to pass your assessment. Our recommendations for security controls are informed by your existing infrastructure, not what we can sell you. The Certified CMMC Professionals at Highground Cyber organize the deployment of these additional security controls into a CMMC-specific, prioritized program plan that is tailored to what makes your organization unique.

What You Get

  • An Unbiased Review of Internal Security Controls
  • A Gap Analysis Report on Your CMMC Assessment Objectives
  • A CMMC Prioritized Program Plan

What Others are Saying

"Understanding which of the 110 Controls and 320 Assessment Objectives we had deployed and where we had technical and process gaps proved to be both challenging and overwhelming. The Highground Cyber team reviewed our scope and System Security Plans and provided a detailed gap analysis that helped us create a plan that was optimized for our infrastructure and our business process. We save a great deal of time and money by working with a Highground Certified CMMC Professional."
- Dave Strick, VP of IT at Foth

03

Program Implementation

Start Your Program
04

CMMC Assessment Readiness

How it Works

Highground Cyber's CMMC Readiness Assessment helps you prevent false starts and hard fails by exposing you to the official CMMC assessment process - both conceptually and practically - through a miniature, mock CMMC assessment. The Certified CMMC Professionals at Highground Cyber will walk you through the assessment methods and objects at a C3PAOs disposal under the CMMC assessment process, taking the guess work out of your preparation. This process also involves coaching your key stakeholders in order to familiarize them with the mechanics of the assessment process and what to expect. With the right evidence and a dry run from the qualified assessors at Highground Cyber, you can be more confident going into your assessment that you have everything you need.

What You Get

  • Coaches Stakeholders on the Assessment Process
  • Identifies Insufficient and Inadequate Evidence before the Assessment
  • Optimizes and Organizes Evidence for Faster and Cheaper Assessments

What Others are Saying

"The Highground Cyber Team of CMMC Certified Professionals took us through their Readiness Assessment which even included the 15 controls that require onsite physical inspection. It was a very educational process that helped us understand how to prepare and organize our evidence, and it found gaps that would have resulted in an expensive failed CMMC certification assessment."
- Matt Bergman, Director of IT at Spacesaver