Tel: 703-421-0104
CMMC Level 2 Certified
“This early certification allows us to continue supporting mission-critical initiatives for the defense industry."
— Jim McAleese
Certification
McAleese and Associates Achieves Early CMMC Certification Readiness Through Strategic Partnership with ActiveCyber
McAleese and Associates is proud to announce the successful completion of its Cybersecurity Maturity Model Certification (CMMC) Level 2 assessment readiness program through a strategic partnership with ActiveCyber.
At a time when many organizations across the defense industrial base continue to treat CMMC as a future requirement, McAleese made the deliberate decision to act early, building a structured, audit ready cybersecurity program aligned with emerging Department of War expectations.
This proactive approach positions McAleese to continue supporting mission-critical defense initiatives while maintaining the highest standards of cybersecurity and compliance.
Moving Before the Requirement and Strengthening the Defense Ecosystem
Rather than waiting for final rulemaking or contract mandates, McAleese approached CMMC as a strategic business decision.
Working with ActiveCyber, the team expanded its NIST 800-171 efforts into a fully operational security program designed to meet CMMC Level 2 assessment standards. The objective was clear: achieve certification readiness before it becomes a contractual requirement.
By acting early, McAleese strengthens its ability to support defense primes, partners, and government stakeholders with confidence while staying ahead of anticipated assessment bottlenecks as more organizations across the defense industrial base pursue certification.
Preparing ahead of widespread industry demand reduces operational risk, ensures continuity of support, and positions the firm for certification, while many organizations are still preparing for assessment.
Building a Certification Ready Program
ActiveCyber partnered with McAleese to transform cybersecurity from a project-based compliance effort into an operational program integrated across the organization.
Key elements of the effort included:
• Establishing a validated NIST 800 171 baseline aligned with CMMC Level 2
• Developing a comprehensive System Security Plan (SSP) and structured POA&M process
• Implementing clear control ownership across the organization
• Creating audit ready evidence aligned with C3PAO assessment expectations
• Conducting mock assessments and resiliency testing to confirm readiness
This structured approach ensured that security controls were operational, repeatable, and defensible under formal assessment conditions.
Copyright © 2026 McAleese and Associates - All Rights Reserved.
GSA Multiple Award Schedule Contract GS-00F-305GA
CMMC Level 2 Certified | Safeguarding Controlled Unclassified Information (CUI)
Participation in the Defense Programs Conference (DPC) does not imply or constitute Department of War (DoW) or any of its components’
endorsement of McAleese and Associates, its products, services, the DPC, or comments concerning Federal Government policy or intentions.