Complicated Compliance Made Simple for Global Metal Finishing Customers
Written by Tracy Nester, COO, Global Metal Finishing, Inc.
The daunting requirements for meeting Government compliance are challenging for any business–even more so for a small business.
Secure processes and systems are required to meet compliance for DoD, DFARS, ITAR, NIST, and CMMC 2.0. Simply understanding each requirement is where extreme complexity begins.
Global Metal Finishing began exploring what resources and knowledge were available to ensure compliance was achieved within our size, structure, skillset, and affordability.
When I first met Tamea Franco, owner of Global Metal Finishing, Inc., the response I gave to her regarding the upcoming expectations for CMMC was, “We need to meet these standards through alignment and partnership with the right vendors and systems.”
Fortunately, we started this journey three years ago. Now we can reflect and share what worked and how we are leveraging our knowledge to continue learning and improving in these complex areas:
Cybersecurity
It is all about Controlled Unclassified Information (CUI). How secure is the data you manage and store, and how does your business transact? We all know this is an ever-changing situation that requires expert knowledge. Realizing we needed to outsource our primary Information Technology Structure to a reputable partner was critical.
We interviewed many vendors and landed on one that met our vision and values well. A Managed Service Provider (MSP) path provided the expertise and security setup necessary to stay compliant with the changes occurring.
Responsive Technology Partners (RTP) in Roanoke, VA, has exceeded our expectations in this area. RTP’s thorough and steadfast manner met us where we were to understand our needs and walked with us continually forward, bringing Global Metal Finishing where we are today.
The highly skilled technical expertise has allowed Global Metal Finishing to continually improve processes and better understand requirements. The value of a Managed Service Provider is in both the strong day-to-day support as well as strategic visioning. The partnership found with RTP helps us keep getting better.
Secure Systems
Understanding what is “secure” under the requirements is complex yet possible even in small businesses. Securing Controlled Unclassified Information takes diligence and know-how.
We have found the best systems that are currently compliant as well as focused on future compliance. How we use the systems is the compliance we ensure. We had to get out of the known systems and be open to considering many possibilities that led us to current solutions.
Again, after a three-year journey of discovery, Global Metal Finishing is now using daily the best technology available for our size business. The systems selected understand and employ encryption on both sides of the transaction. These systems are compliant now and are prepared for CMMC 2.0.
Data Integrity
Having the best systems and knowledge available means nothing if appropriate use and policies are not followed. That is where we continually focus efforts today as we are implementing a new Manufacturing Execution System and Quality Management System.
We also work directly with our customers daily to ensure they have more than just a compliant way to transfer CUI. Global Metal Finishing desires to make how we do business easier and easier as we go.
Auditing
Confirming and checking actions against the requirements is key. At Global Metal Finishing, we welcome compliance audits. Audits are an important part of improving.
Recently Global Metal Finishing engaged with GENEDGE to complete a Cybersecurity Assessment and Planning for DFARS Compliance with NIST SP 800-171 Standard & Cybersecurity Maturity Model Certification (CMMC Readiness). This is following Virginia’s Defending CUI Program.
Global Metal Finishing is thrilled to invite experts into our processes so that we have a better understanding of how we measure. Creating self-audits and externally-led audits is critical in these highly technical and continually changing requirements.
It is not too late to begin your path to compliance! Working with Global Metal Finishing, Inc. for your metal finishing needs also gives an immediate path to secure data exchange of your CUI.
Contact us now to receive a quote for your finishing needs, following a secure path for your CUI.