DSG is a family-run C3PAO, here to take the guesswork out of your CMMC Level 2 Assessment.
We provide a practical, straightforward approach to the CMMC and NIST 800-171.
Our highly trained team provides consulting, gap assessments, and certification assessments to meet the needs of your organization.
We hold ourselves and our business to the highest ethical
standards. When you contract with DSG, you're part of the family.
Excellence
We know your mission is critical for the defense of the American
way of life. Our mission is to ensure you have the security and
confidence to carry it out without compromise.
Clarity
The Defense Industrial Base is faced with an ever evolving set of
requirements. At DSG, our goal is to cut through the complexity,
and ensure you understand what's required of you and exactly where
your organization stands.
Services
Whether your organization is certifying assessment ready, or just
getting started on its CMMC journey, DSG is there to help.
Level 2 Certification Assessments
DSG is scheduling CMMC Level 2 Assessments for 2026. As demand
for CMMC Level 2 assessments continues to rise and authorized
C3PAOs remain limited, assessment schedules are filling quickly.
Don't risk falling behind β lock in your assessment with DSG now
to ensure timely certification.
Comprehensive pre-assessment review
Findings report that outline the evidence reviewed for every
objective with clear explanations for objective determinations
If required, referral to trusted, experienced consultants
Mock Assessments
End-to-end dry-run assessments that mirror C3PAO methods so you
can validate readiness before a formal engagement.
Practice-by-practice interviews, observation, and artifact
review
Sampling approach and objective evidence mapping
Draft "findings" with factual-accuracy review (non-certifying)
Consulting
Partnering with an authorized C3PAO is more than just advice β
DSG provides guidance from the very experts the Department of
Defense trusts to certify CMMC compliance.
Practical, cost-effective solutions based on real-world
assessment experience
Development of a clear, actionable roadmap to achieve and
maintain compliance with NIST SP 800-171 and CMMC 2.0
Compliance advisor services β a CMMC subject matter expert
there when you need them
CMMC
Why it matters
The Cybersecurity Maturity Model Certification (CMMC) raises the
bar for cybersecurity across the DIB and requires independent
assessments for most contractors handling Controlled Unclassified
Information (CUI).
Following publication of the 48 CFR CMMC Final Rule into the
Defense Federal Acquisition Regulation Supplement (DFARS) on
September 10, 2025, contracting officers began incorporating CMMC
requirements into new solicitations and contracts as of November 10,
2025. As a result, CMMC clauses are now actively appearing in
applicable DoD procurements.
Levels we assess
Level 1 β Foundational practices to protect FCI
Level 2 β NIST SP 800-171-aligned practices to
protect CUI
Always check your contract and official DoD resources for current
requirements.
Our Team
Dunlop Security Group is a family-run CMMC-focused practice. Together,
we bring hands-on experience in systems administration, cybersecurity
engineering, and cloud operations to support the Defense Industrial Base.
George Dunlop
Lead CCA, CCA, CCP, CISSP
Former Systems administrator, now a CMMC assessor with over 7
years of technical experience.
Alexander Dunlop
CCA, CCP, CISSP
Cybersecurity professional with over 14 years of technical
experience.
Gabriel Dunlop
Certified Solutions Architect
Cloud Engineer with specialized experience in providing technical
and operational support.
Contact
Tell us about your environment and timeline. Weβll follow up promptly.
