Advisory Services
Compliance readiness, vendor risk assessments, and SCRM program development. Practical guidance from the people who built these programs for the federal government.
CIP-013 Readiness Assessment
Get audit-ready before the auditor arrives
A focused engagement to evaluate your CIP-013 supply chain risk management program against what NERC auditors actually check. We review policies, vendor onboarding processes, and contracts, then deliver a clear picture of where you stand and what needs to change.
What You Get
Policy and procedure gap analysis against CIP-013-2 requirements
Vendor onboarding and contract assessment
Risk-ranked findings report with specific remediation steps
Prioritized roadmap to compliance
Vendor and Supply Chain Risk Assessment
See your supply chain exposure before someone else finds it
For utilities and infrastructure operators who need to understand their vendor risk but don't have the internal team to do it. We adapt the same frameworks used in federal critical infrastructure programs and deliver practical, right-sized recommendations.
What You Get
OT/IT vendor risk analysis
Third-party access and remote support review
Geographic concentration and country-of-origin mapping
Actionable recommendations sized to your team and budget
Defense Supply Chain and CMMC Support
Prepare for CMMC Phase 2 and Section 805
For defense contractors and subcontractors who need supply chain visibility and documentation before mandatory third-party certification starts in November 2026. SCRM training, audit preparation, and compliance documentation from practitioners with USSOCOM, DoD, and CISA experience.
What You Get
SCRM training for leadership and acquisition teams
Supply chain visibility and documentation for CUI environments
Supplier performance and risk assessment
Section 805 NDAA compliance support for component identification
Let's talk about your compliance challenges
Tell us what you're facing. We'll tell you how we can help.