Press Release: Duffy Compliance Services has been approved by the CMMC Accreditation Body as a candidate Certified 3rd Party Assessor Organization (C3PAO)

Feb 8, 2021 | CMMC, Blog, Company Milestones, Cybersecurity, News, Press Releases

New Market, Maryland, February 8, 2021 – Duffy Compliance Services, a provider of cybersecurity consulting and compliance services is now approved as a candidate Certified 3rd Party Assessor Organization (C3PAO) by the CMMC Accreditation Body.

The CMMC Accreditation Body is authorized by the US Department of Defense to be the sole source for the delivery of CMMC assessments and training within the DOD contractor community, or any other communities that adopt the CMMC.  A C3PAO is authorized to schedule, manage, and provide assessments for organizations seeking to be CMMC compliant.

Every federal contractor that stores, processes, or transmits Controlled Unclassified Information (CUI) and now Federal Contract Information (FCI) or Covered Defense Information (CDI) is required to achieve and maintain CMMC compliance without exception. The CMMC requirement also includes subcontractors and any organization within the DoD supply chain that share in the use of CUI, FCI, and/or CDI information.

Duffy Compliance Services provides qualified cybersecurity service as identified by the National Institute of Standards and Technology’s (NIST) through compliance audits and remediation services for the Defense Federal Acquisition Regulation Supplement (DFARS) Controlled Unclassified Information (CUI) regulation.

“We are excited to have earned this designation.  Failure to achieve and maintain CMMC certification will impact our country’s national and economic security.  Our clients are doing their part in protecting our nation’s future in the world,” said President and CEO Shawn Duffy. “We want our clients to be as successful as possible, and confirming they are compliant contributes to their success as well as our government.”

About Duffy Compliance Services

Duffy Compliance Services is a provider of cybersecurity assessments and compliance services to federal contractors. We are based in Frederick County, Maryland, and have served the Mid-Atlantic region and beyond since 2014.  For more information, visit our website at or reach us via email at



Dawn Shuler
Chief Operating Officer
Duffy Compliance Services

Subscribe to Our Monthly Newsletter

Free education for cybersecurity.


Your personal information will not be shared and you are able to unsubscribe at any time.