Accessibility Tools

Skip to main content

Access World-Class NIST RMF Documentation with ASP Learn More


Scoping & Gap Assessments

Scoping & Gap Assessments

Offering Cybersecurity Maturity Model Certification (CMMC) scoping & gap assessments for the Defense Industrial Base (DIB) Department of Defense (DoD) regarding unclassified, such as FCI and CUI.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Cybersecurity Maturity Model Certification (CMMC) Scoping & gap Assessments for DoD Contractors

Arlington offers defense contractors within the Defense Industrial Base (DIB)/Department of Defense (DoD) supply chain Cybersecurity Maturity Model Certification (CMMC) solutions for today’s growing cybersecurity compliance requirements. Our CMMC scoping & gap assessments services are a critical first step for assisting federal contractors in complying with the current CMMC framework. At Arlington, we also offer a wide range of advisory services for FedRAMP, NISP eMASS DCSA, NIST 800-171, FISMA, DoD Cloud Security and so much more.

CMMC Scoping & Gap Assessments

A critical element for CMMC success is identifying all compliance gaps with the prescribed control “Domains” within the current CMMC publication, then performing essential remediation. With Arlington, our CMMC scoping & gap assessments rapidly identifies all gaps, provides a prioritization list for correcting them, while also offering numerous tools and solutions for quick remediation.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Related Services

Corresponding Case Studies

Four Step CMMC Scoping & Gap Assessment Process

Benefits of CMMC Scoping & Gap Assessments

  • Quick & efficient process for identifying control gaps.

  • Dozens of helpful tools for correcting technical and documentation gaps.

  • Industry-leading methodology for rapid remediation with no POAMs.

Why Arlington for CMMC Scoping & Gap Assessments

  • One of the most well-known and trusted DoD Compliance firms.

  • Hundreds of successful DoD compliance engagements over the last decade.

  • Fixed-fee pricing for all of our DoD services.

Why Arlington?

Decades of Defense Industry Expertise. Recognized leaders in all things DoD. World-Class Arlington Security Portal (ASP).

Passion. Integrity. Innovation. Impact.

Step 1: Control Framework Walkthrough

The CMMC model consists of 14 domains that align with the families specified in the NIST SP 800-171 publication. Therefore, a successful scoping & gap assessment begins by conducting a deep-dive into each of the respective domains and the accompanying “Practices”. The end result is a complete listing of gaps found, steps needed to remediate them, along with offering tools & solutions to support the overall remediation process.

Step 2: Prioritization Plan for Remediation (PPR)

Following the Step 1 Control Framework Walkthrough, Arlington will deliver a Prioritization Plan for Remediation (PPR). Compiled and developed by our expert DoD consultants, the PPR will detail all control gaps found, the necessary tools and solutions needed to remediate all gaps, while also providing helpful documentation – such as our policy templates – for finishing the job.

Step 3: Tools & Templates Support

With Arlington, you receive unparalleled support from a firm with decades of DoD experience. This includes offering our industry leading CMMC security policy templates, those built on the NIST SP 800-53 framework. Because a large part of remediation with the CMMC framework requires numerous policies and procedures to be in place, our templates are immensely helpful, saving defense contractors both time and money.

Step 4: Project Management Remediation & Validation

Once the CMMC control gaps have been identified and all the relevant tools & solutions are provided to you, Arlington can then project manage all remediation efforts.