What is it like to be assessed by Kieri Solutions?

We are glad to report that as of February 2025, we have certified close to a dozen defense contractors for CMMC Level 2. What does that mean for you? We have as much experience as well as evidence that we know what the DoD expects a defense contractor to perform to meet CMMC certification. Our clients say that Kieri assessment teams are well organized, professional, easy to work with, reasonable, and compassionate.  

FAQs

If we miss a requirement, will Kieri Solutions provide enough detail to know what is wrong? Yes! Every assessment and Gap Analysis we do has a detailed findings report about the evidence that was reviewed for each assessment objective, and whether it met the requirement or not. If a requirement isn’t met, we describe why, which system is involved, and pinpoint exactly what part of the assessment objective wasn’t performed. We will also do our best to explain how we interpret the requirement if there appears to be a misunderstanding. If all else fails, we can point you toward some smart consultants in the CMMC ecosystem who should be able to help.

What is the pass rate for Kieri Solution’s clients?   This is a testament to our customer-friendly processes – we ensure your planned scope has no major problems and review your implementation at a high-level before we schedule you for the assessment.  We also provide our customers full information about what to expect and how to prepare very early in the process.  If a problem is found, we can recommend knowledgeable experts to help you fix it.  We include a short remediation assessment for free with every formal assessment. 

What type of companies or system environments does Kieri Solutions specialize in? Our assessors are more technical than average, so we do well in high-tech and distributed environments. Most of our assessment clients utilize cloud services such as Office 365 or AWS. But we have a pool of over 20 assessors, each with experience in different areas: large enterprise, shipyards, Linux, higher education, virtual desktops, software development, manufacturing, zero trust, laboratories, etc., so we can handle almost anything you might want to throw at us.

When should we reach out to Kieri Solutions for an assessment? If you are seeking a formal assessment, we recommend waiting until you’ve identified your scope and are not going to add any new systems to it, before asking for a quote. If you are looking for a Gap Analysis or Mock assessment, then it is totally fine if you aren’t ready – though you will get better information about your solutions and readiness the closer you are to fully compliant.

If we miss a requirement during a formal assessment, what happens? In most cases, our clients are able to fix problems almost immediately and we schedule a POA&M re-assessment within a few days. Assuming that the problems are fixed, we will issue an assessment report that shows your final score and results, provide a letter of attestation, and if applicable: provide CMMC certification.  

How hard is it to get a quote? Once you contact us, we will send you a questionnaire which asks questions about your readiness and the complexity of your environment. We will set up a call with our sales team to help fill out the questionnaire and answer any questions you have. After we understand how complex your information system is, we will send you a firm fixed-price quote.

How will Kieri Solutions assess _________? We are glad to discuss precedent from previous NIST SP 800-171 and CMMC assessments and how we interpret gray areas. Overall, you should find us to be very reasonable. We’ve been advocating for common sense assessments and scoping since the early days of CMMC. Reach out and we will be glad to have a call to discuss.

Will there be enough assessors available to meet demand when CMMC goes live?  We’re not sure.  It doesn’t sound likely.  We have multiple teams of Certified CMMC Assessors available and are growing to meet demand.  If you sign up for an assessment with us, and as long as you are ready, we will guarantee your schedule. 

We are not a DoD contractor, but we need to be NIST SP 800-171 compliant. Can Kieri assess us?  Absolutely.  Don’t be confused by all the talk about CMMC.  At our core, we are a NIST SP 800-171 assessment and readiness company.  CMMC is simply a DoD program to assess NIST SP 800-171 compliance for DoD contractors. There are only a few small differences between the two.  We do both at an expert level.

More about Gap Analysis

Kieri Solutions is a leader in performing NIST SP 800-171 assessments as well as CMMC certifications. Because our certified assessors are performing real assessments, we have the best knowledge of what it takes to pass. Don’t waste your time getting a Gap Analysis from an untrained “professional”.

Our standard Gap Analysis is +consulting, where we tell you how to fix your problems.  If you’d like to use Kieri Solutions to perform your formal assessment later, let us know and we will only tell you our findings, not how to fix them.  This preserves our independence for the certification assessment. 

Practice with the varsity team so that you are prepared for game day.