Duffy Compliance is a Maryland-based consulting firm with an enterprise-level background, serving companies nationwide. We provide the guidance businesses need to get and stay compliant.
Our main goal is simple: to simplify your compliance process, safeguard your information systems, and help you achieve accreditation with as little stress on your part as possible.
We bring decades of enterprise-level experience and knowledge to our current clients. We have several solutions to meet a multitude of different environments. We have been working with NIST 800-171 since its inception. We do our best to offer our extensive experience at an affordable rate.
- IT Service Companies
- Healthcare Providers on DR / COOP planning
- Financial Loan Office security architecture and compliance mandates
- Large Professional Entertainment Organization
- IT Service Companies
- Commercial SaaS Web Applications
- Insurance Companies
- Trucking Supply Stores
- Electric Car Charging Provider
- Risk and Compliance Audits
- Compliance with CMMC
- Compliance with HIPAA Security Rule
- Compliance with Protecting DFARS / CUI
- Compliance with Cybersecurity Framework (CSF)
- Compliance with FISMA
Shawn Duffy, CISSP
Duffy Compliance Services President and CEO Shawn Duffy has been involved in the IT security industry since the moment he left college in 1992. In one of his first roles, he became the lead administrator in support of an environment containing 250 remote sites. He has worked with early firewall appliances and built some of the first Access Control Lists (ACLs) before many network devices even had the capability to use them.
Shawn Duffy has a proven track record with extensive experience in leading and supporting Information Assurance and System Security programs. He has experience in sales, security engineering, and as a contributor with large contractors, such as Northrop Grumman and General Dynamics, as well as in risk and vulnerability management and government compliance. Focus areas include: CMMC, DFARS/CUI, FISMA, Threat Management, Vulnerability, Assessments and Penetration Testing.
“I believe every business should be as knowledgeable about their systems as possible. Whether you are looking to validate the work of your IT staff or just looking to augment their capabilities, we want to be a part of your solution as trusted consultants. Risk is not about which products you choose to protect your network, it is about your resistance to exposure.”
– Shawn Duffy, President, Duffy Compliance Services, LLC.
Dawn Shuler is the Integrator for Duffy Compliance Services. (Integrator is akin to Chief Operating Officer and comes from the EOS – Entrepreneurial Operating System – made famous by Gino Wickman in his book Traction.) As Integrator, Dawn coordinates the three main areas of the business: Marketing & Sales, Operations, and Finance & Administration. She brings almost two decades of experience assisting, managing, and leading businesses, and she has a deep passion for systems and processes. She loves being creative, and she gets excited creating a spreadsheet or new system. Dawn lives in Virginia with her husband Mark and cat Kojo, and occasionally is visited by her two adult daughters. In her spare time, she hikes, quilts, and paints.
Director of Client Services
Steve is our Director of Client Services at Duffy Compliance Services, bringing a wide array of skills and experiences. He is a seasoned ISO Auditor with over 25 years of experience in a variety of ISO/IEC Standards, conducting external and internal audits, strategic marketing, business development, sales, and program development/leadership efforts. Steve was also an integral part of the team that launched and grew the A2LA FedRAMP Accreditation program. At Duffy Compliance, he appreciates that the work we do has a positive impact on individuals and businesses by helping them protect what is important to them. In his spare time, Steve likes spending time with his family and enjoys mountain biking.