Cybersecurity Maturity Model Certification Third-Party Assessment Services
Location:
Virginia, United States
Posted on:
Deadline:
Summary:
Seeking a qualified third-party organization to provide CMMC assessment services for secure and high-performance computing environments in Virginia.
Get full access to this RFP
Download the full RFP document and use Settle's AI to analyze requirements, estimate budget, and draft winning responses in minutes.
The government authority located in Virginia is seeking a qualified vendor to provide Cybersecurity Maturity Model Certification (CMMC) assessment services. The selected third-party assessment organization will be responsible for evaluating compliance across a secure enclave comprising a network architecture that supports virtual desktop infrastructure, network-attached storage with remote access capabilities, and a High Performance Computing (HPC) cluster architecture.
Additionally, the scope includes systems not connected to any networked environment, which are managed through a master system security plan with individualized addendums. The vendor will be expected to provide thorough, compliant assessments covering all aspects of the listed architectures and environments. All vendor questions regarding the RFP must be submitted by March 20, 2026.
Best-fit vendors:
• Certified CMMC Third-Party Assessment Organization (C3PAO)
• Demonstrated experience with government cybersecurity assessments
• Expertise in secure enclave and HPC architectures
• Based in or able to operate within Virginia
• Familiar with managing complex, multi-environment compliance evaluations
