CMMC Level 2 Readiness Update
Audit Scheduled to start March 23, 2026
Charles F. Day & Associates (CFDay) is preparing for a CMMC Level 2 third-party assessment at the end of March, conducted by an accredited C3PAO, to support secure performance on mission-critical work and ensure full alignment with DoD cybersecurity requirements for safeguarding Controlled Unclassified Information (CUI).
As the CMMC DFARS final rule — effective November 10, 2025 — continues its phased implementation across DoD solicitations and contracts, CFDay is committed to maintaining uninterrupted contract eligibility and compliance readiness for our clients and teaming partners.
Standards-Based Foundation
CFDay's CMMC Level 2 readiness reflects a long-standing culture of disciplined, auditable practice, built on:
- NIST SP 800-171–aligned controls for safeguarding CUI
- ISO 27001 information security management
- ISO 9001 quality management
- CMMI® Service ML 5 and Development ML 3, supported by five CMMI-certified practitioners
CMMC Level 2 certification is the natural next step in CFDay's commitment to operational excellence and mission security.
Get in Touch
For questions about our cybersecurity posture or teaming opportunities, please contact us at cfdayinfo@cfday.net .
Certified. Compliant. Trusted.
Certifications/Registrations Include:
ISO 9001:2015 Certificate No. 10009469 QM15 – Quality Management
ISO 27001:2022 Certificate No. 10009469 ISMS22 – Information Security
CMMI-SVC Maturity Level 5
Appraisal # 71081 EXP. Sep 11, 2027
CMMI-DEV Maturity Level 3
Appraisal # 71081 EXP. Sep 11,2027
DCAA-Compliant | GSA MAS | HUBZone(#3116)
Contract Vehicles & Acquisition Pathways
Flexible Procurement Channels
- GSA MAS – 47QTCA18D0035 (Prime)
- 8(a) STARS III (Teaming Agreement in Place)
- OASIS+ SB and 8(a) (Teaming Agreement in Place)
- OASIS SB Pool 1 (Teaming Agreement in Place)
- ENCORE III – DISA (Teaming Agreement in Place )
