PAC is the first sovereign company to offer CMMC services and IRAP assessments in Australia

AUSTRALIA

News

PAC is the first sovereign company to offer CMMC services and IRAP assessments in Australia

July 10, 2023

We are pleased to announce the launch of a new service dedicated to Australian businesses working in the USA Defense supply chain: Cybersecurity Maturity Model Certification (CMMC) Level 1 and Level 2 Services. As the only Australia-based sovereign company with Cybersecurity Maturity Model Certification (CMMC) accreditation body – Cyber-AB – endorsed RPA personnel, PAC, as a Registered Practitioner Organisation (RPO), is uniquely positioned to provide consulting and implementation services for CMMC Level 1 and Level 2. In addition, we are the first company in the country to offer a service portfolio with CMMC services and Information Security Registered Assessor Program (IRAP) assessment.

CMMC is an initiative designed to help protect the data shared within the USA’s Defense Industrial Base (DIB) and the contract information essential for National Defense. Its primary objective is to verify the safeguards and practices that ensure basic cyber hygiene and the protection of controlled unclassified information (CUI). Like Australia’s Defence Industry Security Program (DISP) – a service also offered by PAC –, CMMC follows a multi-tiered framework where each level of capability builds upon the previous one.

Recognising the industry’s need for understanding both Australian and US cyber security accreditation requirements, and with the anticipated compliance with CMMC due to AUKUS info-sharing requirements, many SMEs may find it challenging to decipher IRAP, CMMC, Essential 8, NIST, and FedRAMP requirements. Failure to comply also increases the risk of prosecution and fines under the False Claims Act for cyber deficiencies.

As a Registered Practitioner Organisation (RPO), our Cyber Security team can provide advice, consulting, and recommendations to other businesses to help them meet CMMC requirements. To achieve this, we will determine the appropriate certification level to target, conduct an audit-readiness assessment, address any gaps, document new processes and practices, test, validate, and document the results, resolve any remaining gaps after an audit, and remain engaged to ensure clients’ progress undergoes periodic validation.

Why choose PAC?

All our operational staff are experienced in supporting Defence and Commercial clients working in Defence security domains.
We also provide Essential Eight Gap Analysis and Maturity Model Assessment, ISO 27001 Audit, IRAP and DISP Cyber Readiness Assessments, Governance Risk and Compliance, Security Architecture and Engineering, and other managed services.
We maintain a Defense Export Compliance Program, including ITAR and can advise and assist.
With an operational focus, we understand the delicate balance between system security and system functionality, going above and beyond to support you throughout the process.
We deliver end-to-end support focused on the user experience, working with you to solve your unique problems and saving time and money.