.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
Reporting Your DoD Self Assessment (SPRS) Score: What to Know
by Kelly O’Brien on June 10, 2025 at 2:59 PM
If you contract with the Department of Defense (DoD)—directly or indirectly—you’re likely required to report a cybersecurity self-assessment score to the Supplier Performance Risk System (SPRS). SPRS is a web-based system used by the DoD to track and assess contractor performance and …
Shipbuilders Council of America Spring Membership Meeting Takeaways
by Chanci Gadbois on May 30, 2025 at 12:50 PM
Earlier this month, I had the opportunity to attend the Shipbuilders Council of America (SCA) Spring Membership Meeting in Washington, D.C. The room was filled with national security leaders, lawmakers, and key players from across the U.S. shipbuilding ecosystem. What united everyone? …
CMMC & the Executive Order: A New Era for Shipbuilders
by William DePalma on May 2, 2025 at 2:23 PM
America’s shipbuilding renaissance is underway. On April 9, 2025, President Trump signed a sweeping executive order aimed at revitalizing the U.S. shipbuilding industrial base—an industry long seen as vital to both economic strength and national defense. At the same time, shipbuilders …
Subcontractor Survival: Meeting Prime Contractor CMMC Requirements
by William DePalma on April 17, 2025 at 1:53 PM
The cybersecurity landscape for the defense industrial base (DIB) has shifted. With the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) 2.0 moving swiftly toward full enforcement, subcontractors are finding themselves under growing pressure — not only f …
What Is a C3PAO in CMMC?
by Kyle Daun on December 2, 2024 at 1:45 PM
In today’s cybersecurity landscape, organizations that work with the U.S. Department of Defense (DoD) must adhere to stringent security standards to protect sensitive information. A critical component of achieving compliance with the Cybersecurity Maturity Model Certification (CMMC) i …
Transitioning to CMMC 2.0 – The Five Stages of Grief
by Derek Boczenowski on November 10, 2021 at 2:46 PM
Late last week, the Pentagon put out a memo that stuck a knife in the heart of CMMC 1.0, to replace it with the new and shiny CMMC 2.0! CMMC is dead, long live CMMC!