BARR Advisory, a global cybersecurity and compliance firm, has achieved authorization as a Certified CMMC Third-Party Assessor Organization (C3PAO). The designation allows BARR to perform formal certification assessments for organizations pursuing Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance.
“Our team has deep experience guiding organizations through complex compliance initiatives, and this accreditation allows us to extend that expertise into formal CMMC certification assessment services,” said Cameron Kline, practice leader of attest services at BARR Advisory.
CMMC is a cybersecurity framework developed by the U.S. Department of Defense (DoD)—also known as the U.S. Department of War—that outlines security requirements for organizations handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). The framework is designed to strengthen cybersecurity across the Defense Industrial Base (DIB) and protect sensitive government information from evolving threats.
As a C3PAO, BARR Advisory is authorized to conduct CMMC Level 2 certification assessments, providing organizations with the validation required to demonstrate compliance with the DoD’s cybersecurity standards.
“For organizations, achieving CMMC compliance not only opens up doors to new defense contracting opportunities, but it also provides a strong foundation for managing risk, protecting sensitive data, and building long-term cyber resilience,” Kline said. “We look forward to helping defense contractors, suppliers, and organizations across the broader defense contracting ecosystem confidently navigate the certification process and secure eligibility for critical government contracts.”
BARR’s designation as a C3PAO comes just months after the firm announced it was among the first 10 U.S. firms accredited by the ANSI National Accreditation Board (ANAB) to certify against the three standalone ISO/IEC frameworks for management systems: ISO 27001, ISO 27701, and ISO 42001.
BARR is also part of an elite group of U.S. firms that is eligible to perform attestations against all of the leading global cybersecurity and compliance frameworks, which include ISO 27001, SOC 2, HITRUST, and PCI DSS.
Learn more about BARR Advisory’s CMMC readiness and certification assessment services: https://www.barradvisory.com/services/cybersecurity-consulting/cmmc-compliance/
ABOUT BARR ADVISORY
BARR Advisory is a security and compliance solutions provider specializing in cybersecurity and compliance for organizations with high-value data that serve regulated industries such as healthcare, financial services, and government. Serving some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements.
BARR Advisory services include:
- Advisory & Managed Services
- GRC & Engineering
- Assessments
- Attestation & Certification
BARR services span all major security, privacy, and regulatory frameworks:
- SOC (SOC 1, SOC 2, SOC 3, and SOC for Cybersecurity)
- ISO Certification (27001, 27017, 27018, 27701, 42001, 9001, 22301)
- Healthcare (HITRUST, HIPAA)
- Government (FedRAMP, GovRAMP, CMMC, DFARS, NIST)
- Privacy & Data Protection (GDPR, CCPA, GLBA, PCI DSS, CSA STAR, Microsoft DPR)
View source version on businesswire.com: https://www.businesswire.com/news/home/20260602722190/en/
Media gallery
