Cybersecurity & CMMC

We have nationally accredited information security experts whose sole focus is to help our clients meet their risk management goals and compliance obligations with risk management, Regulatory support including certified CMMC Assessor (C3PAO), NERC CIP, PCI-DSS, and HIPAA, security and vulnerability reviews, security monitoring, training and awareness, program audits and incident response planning.

The CMMC Final Rule in Effect

The CMMC Final Rule went into effect on December 16, 2024. DoD contract holders and subcontractors working on DoD contracts that handle Controlled Unclassified Information (CUI) must comply with the Cybersecurity Model Certification (CMMC) standards and will need to be assessed to confirm compliance.

Guernsey HoganTaylor Partnership

The Guernsey / HoganTaylor Partnership: CMMC Services

Guernsey, the only Oklahoma-based Certified Third-Party Assessment Organization (C3PAO), has partnered with HoganTaylor, one of the largest business advisory and public accounting firms in Oklahoma and Arkansas, to provide Cybersecurity Maturity Model Certification (CMMC) services including:

  • Audit readiness assessments ("audits")
  • Consulting to address compliance gaps
  • Official certification assessments

Insights

Cybersecurity Maturity Model Certification (CMMC)

Guernsey is the eighth company in the country and the only company in Oklahoma to achieve the status of a CMMC Authorized C3PAO

Insights

Governance Risk and Compliance (GRC)

Guernsey can help you meet regulatory and compliance obligations by implementing a Governance Risk and Control Program. Depending on regulatory or contractual requirements, organizations may be required to be compliant with different cybersecurity frameworks, pass a regulatory review or audit...

Insights

Incident Response

The Guernsey team supports Emergency Response Plans by providing services that are required under regulatory or as a condition of your insurance coverage. We serve financial institutions, government entities, and other regulated organizations that are required to maintain Incident Response...

Insights

Digital and Accounting Forensic Services

Guernsey Forensic professionals include certified accountants, auditors, fraud examiners, and security professionals that provide a full suite of digital and accounting forensic services. For over 90 years, Guernsey has earned a reputation for quality and attention to detail that is...

Insights

Cybersecurity Management Services

Tools such as Security Event Management, Intrusion Detection Systems, and Vulnerability Scanners are designed to look at your systems and logs in order to detect incidents early. These tools are often an underutilized resource for a security program. If your...

Insights

Penetration Testing

What is a penetration test? Is the process of identifying security gaps in your IT infrastructure by conducting simulated real-world attacks on physically connected infrastructure and network access to computer systems. This simulated attack can happen on the Internet-facing external...