Flexible CMMC IT and compliance support from Deltek’s Cloud pioneer.
Wherever you are in your CMMC compliance journey, Altus Integrated Services stands ready to help.
We’ve been at the forefront of compliance and the cloud for government contractors since 2004,
when we launched as Deltek’s first hosting partner.
Along the way we’ve pioneered the first ITAR-compliant cloud for Deltek, the first NIST800-compliant cloud,
the first with Encryption In-Flight and Encryption At-Rest, and more.
Altus Integrated Services offers 4 approachable CMMC suites
to help you reach your next compliance step.
UNDER WAY WITH YOUR CMMC COMPLIANCE JOURNEY?
We're Here to Help.
Though compliance mandates for government contractors may seem like a moving target, we have clear eyes on your goals, and we'll help you get there.
We're committed to easy communications and measurable results, so we've mapped the journey to CMMC compliance in 4 approachable steps.
Whenever you're ready, let's schedule some time to discuss the best path to fit your needs.
CMMC Readiness Scorecard
Not sure of your path to CMMC readiness? Our Scorecard shows you the way.
(Best for CMMC Level-1 compliance.)
Altus helps you:
- Understand your CMMC requirements
- Identify your CMMC scope
- Determine your Maturity Level
- Rate your CMMC readiness and get ready for self-assessment
Gap Analysis + Collaborative Self-Assessment
With your readiness scorecard from Altus, you know what's under control and where you need to worry.
Actionable fixes so you're assessment ready:
- Guided Self-Assessment for DoD's Supplier Performance Risk System (SPRS)
- CMMC Gap Analysis
- C3PAO matching: we find your best assessor partners
- scope for IT policies and actions for remediation presented after Gap Analysis
Managed CMMC-IT for Day-to-Day Compliance
Includes Steps 1 and 2 above + ISSM as a Service!
- CMMC Readiness Scorecard
- Guided Self-Assessment (NIST800)
- CMMC Gap Analysis and IT Remediation
- Quarterly ISSM as a Service support
Plus, IT support for your entire staff:
- in the office
- working remotely
- at project sites
And, management for every device and system:
- workstations, tablets and mobile, including procurement
- networking and authentication
- desktop productivity apps
(includes Microsoft 365 licenses – E5 level)
- email, chat, and collaboration
- ECM and records retention
- Back-ups and DRaaS
- specialty hosted apps
With responsive and respectful help, any time and any place:
- U.S.-based on-line support 24x7x365
- on-site support for teams in need
- tailored training upon request
Ongoing Assurance with “ISSM as a Service”
Stay on track with growing compliance mandates.
- up-to-date System Security Plans supporting both NIST800 and CMMC
- coordination, hands-on documentation, and follow-ups for your IT security inspections
- Quarterly security and compliance reviews for your FSO
- Compliance console for ongoing visibility
WE'RE WITH YOU EVERY STEP OF THE WAY.
Don't Just Take Our Word for It.
Ready to continue your compliance journey?
No matter where you start, we're ready to help you reach your CMMC destination.
Our Registered Practitioners prepare you for CMMC assessment, identify your compliance gaps, and match you with the best assessor organizations.
We offer Managed CMMC-IT Services too.
(You get CMMC compliance built in.)
Compliance We Support:
Your CMMC Readiness Scorecard
As you plan for your CMMC assessment, our Registered Practitioners partner with you to perform a streamlined review of your current IT landscape and procedures. Your CMMC Scorecard from the Atlus Integrated team becomes your roadmap to compliance.
Understanding your CMMC and other requirements
Spanning every CMMC control, we map the policies and procedures you need for compliance, and clearly explain what they mean for your people and your IT. We do the same for ITAR, NIST800, CMS, SOX and more too, as needed.
Identifying your CMMC scope
Based upon your current and planned contract requirements, we then work with you to figure out how much of your business must comply with CMMC. Do you need compliance for a project, division, or your entire enterprise?
Setting your maturity level
Tracking with CMMC 2.0 maturity levels – from basic safeguarding of Federal Contract Information to proactively addressing Advanced Persistent Threats – we help you understand your required maturity level, which may encapsulate up to 173 practices and procedures for readiness.
Your readiness scorecard
After triangulating your compliance mandates and relevant organizational reach with your CMMC maturity level and more, we score your current policies and procedures for compliance readiness.
Your IT Policy Gap Analysis for CMMC
With your CMMC Scorecard in hand, our team next turns to assessing your IT policies and procedures for compliance. We provide clear guidance on which practices are on point and which miss the mark (or are missing entirely). As we work in close collaboration with you and your team, your "guided self-assessment" is SPRS submission-ready.
Guided NIST800 Self-Assessment
One of the first steps for CMMC certification is to perform a self-assessment based upon NIST800 controls and your requisite CMMC level. With Altus, a "guided self-assessment" comes along with your CMMC Gap Analysis. As we're then crafting our detailed narrative for your CMMC readiness, you're able to submit your self-assessment early to the DoD's Supplier Risk Management System.
Your CMMC gap analysis
With your assessment as our guide, our Registered Practitioners next scour your current IT policies and procedures to determine how they stack up with your compliance requirements. This analysis shows exactly where you’re confidently performing for CMMC, where you need to brush up, and where you need major help to gain certification.
Actionable IT readiness recommendations (priced separately)
Next, we craft clear and concise guidance giving you the policies you need to meet your CMMC scope and maturity mandates. Your readiness recommendations are an actionable mix of written procedures, IT tasks (for hardware, systems, security measures, and deployment practices), plus staff training steps to prepare you for your CMMC assessment.
Find your best C3PAO
As you progress with executing your readiness recommendations and fixes, we’ll help you find the best C3PAO for your assessment. Our matchmaking process gives you several candidates to choose from, all carefully vetted to match your CMMC needs and your culture, thereby maximizing your compliance success.
Managed CMMC-IT Services for Everyday Compliance
Our readiness reviews and policy analyses often reveal that many orgs seeking CMMC compliance also require IT support, augmenting their staff and their operational leadership. When you choose Altus Managed CMMC-IT Services, our CMMC evaluation, gap analysis, and guided self-assessment are all included, plus quarterly ISSM as a Service support.
Who needs IT help?
Some users need more support than others. No matter where your team may be – in the office, working remotely, or at project sites – our Managed CMMC-IT Services help those who need it most, and those just looking for an occasional assist.
What systems need attention?
Whether you need help with workstations and procurement, networking and authentication, desktop productivity apps, email, or ECM and records retention (or all of the above), our managed IT team is ready take on as little or as much as you need. Back-ups and DRaaS included too.
Where and when would you like us to assist?
Altus CMMC-IT support staff are always available on-line 24x7x365. We'll also come to your sites too whenever you need, as many users find regular hands-on help to be the best.
Ongoing Compliance with “ISSM as a Service”
Even for organizations that have attained CMMC certification, continued planning, inspections, and compliance reviews are a must. With our "ISSM as a Service" option you'll be sure to maintain your CMMC status, and be ready as additional compliance mandates arise.
Your System Security Plans
Supporting both NIST800 and CMMC requirements, we’ll collaborate with you to craft System Security Plans as needed, and we’ll keep them up to date.
IT Security Inspections Support
Throughout the year as IT Security Inspections arise, Altus supports and manages your response, including: scheduling and coordinating site visits, servicing inspection requests, documentation and reporting, and any follow-on actions and artifacts.
Quarterly security and compliance reviews for your FSO
To maintain your facility clearances, we’ll partner with your IT leadership and FSO to document IT controls, and enact enhancements as needed for ongoing compliance.