IAPMO R&T is proud to announce a new service, performing NIST SP 800-171 gap analysis and compliance assessments for Department of Defense primary and subcontractors to help them comply with Defense Federal Acquisition Regulation Supplement (DFARS) regulations. IAPMO R&T has streamlined the entire process, reducing the time and resources needed to obtain and demonstrate compliance.
The two-step process consists of a gap analysis and a compliance assessment.
The gap analysis looks for disparities between the client’s current NIST SP 800-171 program and the new NIST SP 800-171 requirements. IAPMO R&T’s highly qualified assessment team will take a close look at the client’s network and procedures and will interview the client’s internal IT team to determine the level of NIST SP 800-171 compliance. An assessment team will provide a detailed gap analysis report identifying gaps and ideas on how to fill them so that the client can create its own remediation plan for NIST SP 800-171 compliance.
The gap analysis also includes a detailed report identifying the necessary steps to become CMMC Level 3 compliant as well as a system security plan, which identifies the functions and features of the client’s information system, including the Plan of Action and Milestones (POA&M). The POA&M outlines the action items needed to reach compliance and the timeline to get there. In its final guidance, the Department of Defense states that an SSP and a POA&M are required in order to prove a business is working toward a state of compliance.
“Seeing the needs from our clients and the industry, we are pleased to be able to offer this service,” said Shirley Dewi, IAPMO R&T’s senior vice president of Management Systems Registration Services. “We understand that this process can be daunting and expensive, so we always try to find ways to make that process as simple and cost effective as possible. This way our clients can focus more on actually providing the best service for their clients and growing their business.”
The gap analysis can be completed remotely in one day. On-site assessment is offered at the client’s request.
Once the gaps have been addressed and the client is ready to verify compliance to NIST SP 800-171 and CMMC Level 3, IAPMO R&T can provide a compliance assessment. Once the items in the compliance assessment have been addressed, the client will receive an NIST SP 800-171 Compliance Certification.
To schedule a compliance assessment, contact IAPMO R&T at (877) MY-ISO-1 or isoinfo@iapmort.org.
IAPMO R&T is part of The IAPMO Group’s family of companies. IAPMO was established in 1926 and has offices in the United States, Canada, Australia, China, Indonesia, India, Mexico, Germany and Argentina.
IAPMO®, developer of the Uniform Solar, Hydronics and Geothermal Code (USHGC®) and Uniform Swimming Pool, Spa and Hot Tub Code (USPSHTC®), has posted online the 2025 Report on Proposals for the 2027 editions of these prospective American National Standard-designated model codes.
IAPMO® and the American Society of Plumbing Engineers (ASPE) have renewed a Memorandum of Understanding (MoU), now incorporating ASSE International and ARCSA International, to jointly advance and promote the mutual interests of education, regulations, design, specifications, installation, and inspection of plumbing systems, as well as training, testing and certifying qualified professionals to perform design work responsive to the need to conserve and protect water supplies, and reduce energy use connected to delivery and use of water.
IAPMO®, developer of the Uniform Plumbing Code (UPC®) and Uniform Mechanical Code (UMC®), has posted online the 2025 Report on Comments (ROC) for the 2027 editions of these American National Standard-designated model codes. The ROC includes the committee actions as discussed during the May 6-8 technical committee meetings, the electronic ballot results as balloted between May 19-June 16, and the Technical Correlating Committee actions on all comments received for the 2027 editions.