CMMC Third-Party Assessment Organization

ARE YOU READY FOR THE CMMC?

DSG is a family-run C3PAO, here to take the guesswork out of your CMMC Level 2 Assessment. We provide a practical, straightforward approach to the CMMC and NIST 800-171. Our highly trained team provides CMMC Level 2 Certification Assessments, Mock Assessments, and Consulting Services to meet the needs of your organization.

Request a Mock Assessment Explore Services
  • CMMC Level 1 & 2
  • NIST 800-171 Rev.2
C3PAO Assessments
What you need for CMMC Level 2 certification
CCA Consulting
We know how assessors think - because we are assessors
Mock Assessments
Bundle with your Certifying Assessment and save
DSG Approach
Clear process. Credible execution. Mission-first mindset.

Family Owned

Dunlop Security Group is a family-owned business built on shared values and a personal commitment to every client. When you work with DSG, you work directly with the Dunlop family — not a corporation.

Excellence

We know your mission is critical for the defense of the American way of life. Our mission is to ensure you have the security and confidence to carry it out without compromise.

Trust

We hold ourselves and our business to the highest ethical standards. When you contract with DSG, you're part of the family.

Services

Purpose-built support for the Defense Industrial Base.

Whether your organization is certifying assessment ready, or just getting started on its CMMC journey, DSG is there to help.

Consulting

Partnering with an authorized C3PAO is more than just advice — DSG provides guidance from the very experts the Department of Defense trusts to certify CMMC compliance.

Included
  • Practical, cost-effective solutions based on real-world assessment experience
  • Clear, actionable roadmap to achieve and maintain NIST SP 800-171 and CMMC 2.0 compliance
  • Compliance advisor services — a CMMC subject matter expert when you need them

Level 2 Certification Assessments

DSG is scheduling CMMC Level 2 Assessments. As demand continues to rise and authorized C3PAOs remain limited, assessment schedules are filling quickly. Don't risk falling behind — lock in your assessment with DSG now to ensure timely certification.

Included
  • Comprehensive pre-assessment review
  • Findings report with evidence reviewed for every objective with clear explanations for objective determinations
  • Referral to trusted, experienced consultants if required

Mock Assessments

Get clear on your readiness before the formal assessment begins. Tell us about your environment, anticipated timeline, and where you are in the CMMC journey. We will follow up promptly.

Included
  • End-to-end Mock Assessments that mirror C3PAO methods
  • Identify gaps in your implementation with detailed findings reports
  • Validate your hard work
How It Works

From first call to assessment decision.

1

Fit and scope

We discuss your unique environment, infrastructure, regulatory requirements, and assessment timeline.

2

Evidence planning

We align on people, assets, practices, and artifacts needed for a smooth, no-surprises assessment.

3

Assessment execution

Interviews, observations, and artifact reviews are conducted with clear communication throughout.

4

Results and path forward

You receive determinations, context, and the next actions required based on your assessment outcome.

CMMC

A sharper path through CMMC complexity.

Following publication of the 48 CFR CMMC Final Rule into the Defense Federal Acquisition Regulation Supplement (DFARS) on September 10, 2025, contracting officers began incorporating CMMC requirements into new solicitations and contracts as of November 10, 2025. As a result, CMMC clauses are now actively appearing in applicable DoD procurements.

Why it matters

The Cybersecurity Maturity Model Certification (CMMC) raises the bar for cybersecurity across the DIB and requires independent assessments for most contractors handling Controlled Unclassified Information (CUI).

Where we can help

Level 1 — Foundational practices to protect FCI
Level 2 — NIST SP 800-171-aligned practices to protect CUI

Always check your contract and official DoD resources for current requirements.

What we deliver

The certifying assessments your business needs to stay SECURE and WINNING Defense Contracts.

Our Team

Family-run. Technically grounded. Assessment focused.

George Dunlop

George Dunlop

Lead CCA, CCP, CISSP

Former systems administrator and CMMC assessor with over 9 years of hands-on technical experience supporting realistic, evidence-driven assessments.

Alexander Dunlop

Alexander Dunlop

Lead CCA, CCP, CISSP

Cybersecurity professional with over 14 years of technical experience across secure operations, systems, and risk-informed program support.

Gabriel Dunlop

Gabriel Dunlop

Certified Solutions Architect

Cloud engineer with specialized experience in practical technical and operational support for organizations navigating security and compliance requirements.

Contact

Let's talk about your environment and timeline.

Tell us about your environment and timeline. We'll follow up promptly.

info@dunlopsecuritygroup.com
6241 South Blvd #240088, Charlotte, NC 28217

* Required field