Governance, Risk, & Compliance (GRC)

Compliance Assessments

(CMMC, ISO, Healthcare)

Cybersecurity Maturity Model Certification (CMMC) 

Paragon Cyber Solutions is an authorized CMMC-AB C3PAO.

CMMC will be required for all DoD contractors to maintain and pursue contracts with the Federal Government. There are now three levels, ranging from 1 to 3, with Level 2 being the primary target for certification.

We have helped prepare companies of all sizes for the CMMC rollout through our advisory consulting and managed services. CMMC is starting to be phased into DoD RFPs, requiring all prime and sub-contractors doing business with the DoD to achieve a specific CMMC level certification as a prerequisite to receive new contract awards and as a requirement to maintain existing contracts.

International Organization for Standardization (ISO) 

ISO has a number of standards, with 27001 being one of the most popular. Our team of certified ISO experts has experience providing the support needed to prepare and build your corporate Information Security Management System (ISMS), preparing you to pass your formal certification audit. We have a 100% pass rate for our client ISO assessments, primarily with zero non-conformities (no findings) as a result of our in-depth ISO 27001 preparation services.


Are you a healthcare provider and/or do you maintain healthcare records? If so, there are specific requirements (e.g. HIPAA) that you must abide by to ensure you are properly protecting that sensitive information. We have certified healthcare security and HITRUST professionals ready to help you with your compliance needs.


Data Privacy


California Consumer Privacy Act (CCPA)

CCPA creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses. There are a number of specific requirements to allow California residents to opt out and submit requests for their information. Contact us for assistance!

General Data Protection Regulation (GDPR)

GDPR serves to enhance the protection of data for European Union residents. Are you GDPR compliant? Contact us for a thorough assessment.

Privacy Impact Assessment (PIA)

Not sure where you fall? Many companies operate without realizing what sensitive data they process or the requirements to protect it. Contact us to conduct an in-depth PIA of your environment and provide a customized, strategic plan to implement the required controls to protect sensitive data.