Redspin Becomes the First C3PAO to Perform a Successful JSVAP Assessment

AUSTIN, Texas (January 5, 2023) -Redspin, a Division Clearwater and the first organization authorized as a Cybersecurity Maturity Model Certification (CMMC) Third-Party Assessment Organization (C3PAO), announced today that its client, Aero-Glen International, LLC, passed its Joint Surveillance Voluntary Assessment Program (JSVAP) assessment. The JSVAP is designed to verify proper cybersecurity practices and processes are in place to securely handle the U.S. Department of Defense’s (DoD) sensitive information. Aero-Glen International, LLC is one of the first Defense Industrial Base (DIB) Contractors to undergo this assessment, which was conducted by Redspin.

The goal of CMMC is to ensure Defense Industrial Base (DIB) contractors securely store, process, and/or transmit Department of Defense (DoD) controlled unclassified information (CUI), and/or Federal Contract Information (FCI), and meet NIST 800-171 cybersecurity requirements, to continue doing business with the DoD. The JSVAP allows authorized C3PAOs to assess DIB organizations that have implemented NIST 800-171 practices until the CMMC rulemaking process is complete and mandatory requirements are defined.

“The CMMC program is an important initiative to ensure our DIB contractors meet cybersecurity standards, which are necessary to protect our Nation’s sensitive data. By passing this assessment, Aero-Glen has led the way in demonstrating its commitment to cybersecurity,” said Brian McManamon, General Manager of Clearwater’s Redspin division. “We are proud to have performed this assessment for Aero-Glen under the JSVAP. We stand behind the Pentagon’s ambitious framework to combat cybercrime against the military supply chain.”

“We take cybersecurity and data protection seriously and are proud to be at the forefront of this important set of standards,” said Zbigniew Kaniewski, Vice President of Information Technology and Continuous Improvement at Aero-Glenn International. “As the first organization to pass this joint assessment, we believe we are demonstrating our company’s commitment to protecting sensitive information and maintaining the highest level of security in our operations.”

The joint voluntary assessments allow authorized C3PAOs to assess DIB organizations that have implemented NIST 800-171 practices until the CMMC rulemaking process is complete, and mandatory requirements are defined. Currently, Organizations Seeking Certification (OSC) must volunteer to participate in the joint assessment program, outlined in DCMA Manual 2303-01, “Surveillance,” which is conducted simultaneously with the Defense Contract Management Agency (DCMA) Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) and an authorized C3PAO. OSCs that pass the assessment will be issued a DIBCAC High certificate until the interim rule is in place. It is anticipated then that the DoD will allow the DIBCAC High certificate to be replaced with a CMMC Certificate.

About Aero-Glen International

Aero Glen International, LLC (www.aeroglen.com) is a leading aerospace stocking distributor servicing commercial, defense, space & maritime industries. Established in 1976, Aero-Glen provides fastening hardware, build-to-print parts, customized kitting programs, bin management, and 3PL/4PL services. Aero-Glen’s core values are focused on three key principles – Commitment, Execution, and Results. These same principles are critical to maintaining the highest standards of cybersecurity and data protection in all of its operations.

About Redspin
Redspin is a division of cybersecurity and compliance company Clearwater, which focuses on improving the cyber readiness and resiliency of Defense Industrial Base (DIB) organizations. As the first authorized C3PAO for CMMC, Redspin has the expertise and resources to help DIB organizations to minimize cyber risks and protect sensitive information.

###