Recommended C3PAOs & Consultants
CMMC 3rd-Party Assessment Organizations (C3PAOs) and compliance consultants are essential to the Level 2 (C3PAO) certification process. These organizations are responsible for evaluating a defense contractor's implementation of and adherence to the 110 controls outlined in NIST SP 800-171.
.png?width=2000&height=566&name=Performance%20Solutions%20(R).png)
CONTACT INFORMATION
Evan Neufeld
443.561.1334
As the first organization certified by the Cyber AB to support the entire CMMC ecosystem, EdWPS is uniquely positioned to provide comprehensive CMMC solutions.
Their Services Include:
- CMMC Preparation or Assessment & Certification: As an Authorized CMMC Third-Party Assessment Organization (C3PAO) and a Registered Practitioner Organization (RPO), they offer a range of services, including gap assessments, CMMC plans of action, & formal CMMC Level 2 assessments. Their team of cybersecurity experts bring extensive experience in assessing and interpreting standards, guidelines, and best practices to improve cybersecurity programs.
- CMMC Training and Certification: As an Approved Training Provider (ATP) and Approved Publishing Partner (APP), we provide comprehensive training programs and curriculum to develop a skilled CMMC workforce.
By choosing EdWPS as your CMMC partner, you're receiving high-quality services from experts who understand your industry and are focused on your organizational goals.

CONTACT INFORMATION
Eric Levitas
443.800.2590
ControlCase, a global leader in Compliance as a Service (CaaS), empowers organizations to navigate the complexities of CMMC compliance and beyond.
CMMC Made Easy:
- Comprehensive CMMC Assessments: Identify gaps and develop remediation plans to achieve your desired CMMC level.
- Trusted C3PAO: Leverage our expertise as a CMMC Third-Party Assessment Organization (C3PAO) to ensure a smooth assessment process.
- Beyond CMMC: They offer solutions for a wide range of compliance needs, including PCI DSS, ISO 27001, SOX, GLBA, and more. The ControlCase One Audit™ solution enables organizations to perform a single audit & comply to multiple regulations.
Navigating the complex landscape of regulatory compliance can be overwhelming. ControlCase simplifies this journey & have successfully helped hundreds of clients achieve and maintain compliance with standards like PCI, SOX, and GLBA.
.png)
CONTACT INFORMATION
Paulette Roccio, CCP
413-603-0842
Kieri is a small, lean team of seasoned experts who deliver fast, high-quality insights by involving knowledgeable professionals at every stage of the process. With a deep understanding of the balance between security and functionality, Kieri values:
- Risk-based approaches to minimize client exposure to costly breaches
- Robust processes to manage complex enterprise networks
- Fixed-price quotes and assessment cost transparency early in the process
For organizations seeking CMMC consulting, gap analysis, or a certified third-party assessment, inquiries can be directed to Paulette Roccio.

CONTACT INFORMATION
Chris Haigh
312.972.4730
Meerkat Cyber helps organizations prepare for CMMC success with comprehensive, expert-driven support focused on clarity, compliance, and actionable outcomes. Their services include:
- Readiness Assessments: Identify gaps in your CMMC compliance and turn uncertainties into clear action items before your formal assessment.
- Expert-Led CMMC Level 2 Guidance: Navigate all 110 NIST SP 800-171 controls with support from certified professionals to reach a perfect score and safeguard your government contracts.
- Actionable Remediation Plans: Receive not just a list of issues, but a tailored Plan of Action & Milestones (POAM) with practical, step-by-step solutions.
Meerkat Cyber's goal is to provide the best unbiased, expert-driven advice focused solely on your organization's best path to full compliance.
CONTACT INFORMATION
Matthew A. Titcombe
352.575.9737
Peak InfoSec has supported the Defense Industrial Base since its inception in 2016. They specialize in:
- Conformity assessments for each CMMC maturity level and NIST 800-171
- Comprehensive consulting services providing your organization with a gap assessment, design of and guidance through your remediation plan, and a final conformity assessment
- Official CMMC Level 2 certification assessments and POA&M assessments
It takes a lot of work to get ready and your contracts supporting the Federal government are on the line. Contact Peak InfoSec to see how they can help your organization.
CONTACT INFORMATION
CohnReznick, a leading advisory, assurance, and tax firm, & one of the first authorized CMMC Third-Party Assessment Organizations (C3PAO).
What sets CohnReznick apart?
- Proven Track Record: CohnReznick has extensive experience working with government contractors and understands the unique challenges you face.
- Government Contracting Expertise: Working with a CMMC services provider that also has significant bench strength in the government contracting arena can help ensure that your financial and procurement processes are compliant, efficient, and effective to help increase your chances of winning federal contracts.
The path to CMMC compliance can be complex. Choose a partner who understands both CMMC regulations and the nuances of government contracting.