CMMC Services

CMMC Services


The CMMC is coming! Are you ready?

Learn all you need to know about the DoD’s new regulation - Cybersecurity Maturity Model Certification (CMMC) – that will affect all contractors and their subcontractors.

The Department of Defense (DoD) established the CMMC to protect information within the Defense Industrial Base (DIB) – the worldwide industrial complex that enables research and development. The DIB is part of the Defense Supply Chain and is managed by over 300,000 entities from around the world.


Captiva Solutions is a CMMC-AB Licensed Partner Publisher

Captiva Solutions is a Licensed Partner Publisher (LPP) for the CMMC Accreditation Body (CMMC-AB)1! This new partnership will allow Captiva to join an ecosystem of accredited cybersecurity companies working towards training and credentialing the workforce of the future and ultimately protecting the U.S. Department of Defense (DoD) supply chain.


As one of 11 CMMC-AB Licensed Partner Publishers (LPPs), Captiva Solutions, early in the process of curriculum development, got a behind-the-scenes view of the CMMC Model first-hand, partnered with the CMMC-AB (the ("keepers of the CMMC Ecosystem"), and provides an in-depth understanding of the CMMC Model through extensive evaluation and research.



[1] The CMMC-AB is the authorized independent accreditation entity created in January 2020 that is responsible for establishing, managing, controlling and administering the CMMC assessment, training, certification, and accreditation processes for the defense supply chain.

For Organizations Seeking Certification (OSC)

More details on our CMMC-AB assessment and advisory services will be provided soon.

Download our Advisory and Assessment Datasheet to learn more about our services.


CMMC Advisory and Assessment Services

With years of cybersecurity assessments and implementations under our belt, Captiva Solutions has the compliance expertise, technical knowledge, and security “gene” to help defense contractors with the following:

Assessment Process

  • 01

    SELF-ASSESS: Analyze Scope and Impact
    Determine applicable contracts and identify CUI data that must be controlled
  • 02

    PRE-ASSESS: Evaluate your current state of security
    Perform a gap analysis - compare CMMC’s 17 domains against current practices
  • 03

    FORMAL-AUDIT: Audit conducted by an accredited C3PAO
    Evaluate operations and threat exposure to achieve and maintain compliance