CMMC Compliance

CMPRO is developed and maintained by PSA Inc., an American owned small business. PSA Inc.’s staff are American citizens with government background checks, current government required cyber security training, and government clearances where appropriate.  PSA and CMPRO are both meeting CMMC (NIST 800-171) specifications, with our team being CISSP supervised for cyber security compliance. We also use our own product to meet the CMMC documentation requirements.

CMPRO is updated with functional, feature and security enhancements quarterly. Necessary components such as Oracle and Adobe ColdFusion are maintained with the latest security patches and Security Technical Instruction Guide (STIGs) as often as required. PSA maintains trained cyber security IT Ops and DevOps personnel to ensure the quality of CMPRO’s security profile is maintained on our cloud and on premise hosted products. 

DADMS approved in the US Navy:

CMPRO has been in use by the Navy for over 25 years and is DADMS approved in the US Navy without restrictions. Multiple ATOs for CMPRO have been approved in NAVWAR, NAVSEA, and NAVAIR (details available upon request). CMPRO is currently used by every major Naval command, including SPECWAR and the USMC. CMPRO is meticulously maintained to security standards operating on NIPR and SIPR (.mil) networks with multiple Navy Authority to Operate (ATOs) using the DoD eMASS (Enterprise Mission Assurance Support Service) system. CMPRO is also registered in DITPR DON (Department of Defense Information Technology Portfolio Repository-Department of the Navy)

DoD (Not Navy) and Homeland Defense:

CMPRO servers are operated by every branch of the DoD, the Joint Program Office (JPO) and by the Department of Homeland Security (DHS) - the Coast Guard and Customs and Border Protection (CBP).  CMPRO has an Enterprise CoN with the Army, with multiple instances of CMPRO operating on various Army networks.