Dixon Hughes Goodman LLP (DHG)

As CMMC requirements evolve and begin to appear in DoD RFIs and RFPs, we are helping contractors anticipate potential compliance issues and prioritize resources to meet compliance objectives with the following services: 

  • DHG will Perform CMMC 2.0 Level 1 and Level 2 Certification Assessments Once Framework is Final
  • Readiness Assessments and Gap Analyses Against CMMC 2.0 as an Authorized C3PAO
  • System Security Plan (SSP) and Documentation Development
  • Fractional CISO Services and Project Management
  • Security Program Design and Advisory
  • Offensive Security / Penetration Testing
  • Security Awareness Training Program Assessment
  • Financial Advisory and Cost Allowability of CMMC

 DHG’s Technology Compliance team works with additional IT and cyber-focused frameworks:

  • PCI Qualified Security Assessor (PCI QSAC) Assessments
  • HITRUST Assessments (HITRUST Certified Assessors)
  • ISO 27001 Audits (ISO 27001 Lead Auditors)
  • CSA STAR Attestations
  • FedRAMP and StateRAMP Advisory

 Connect with DHG’s Tom Tollerton with any questions about DHG’s capabilities.