Soldier working with laptop in headquarters building


The Defense Federal Acquisition Regulation Supplement or DFARS specifies cybersecurity requirements for entities doing business with the Department of Defense (DoD) as a contractor or a third party to a DoD contractor.  DFARS covers the handling of Covered Defense Information (CDI) or Controlled Unclassified Information (CUI).

DFARS compliance is required “as soon as practical, but no later than December 31, 2017 (252.204-7012.ii.A).”

If you do business with the DoD, it is very likely that you need to conform to DFARS and NIST800-171.

How can we help?

The team at CDG are experts in DFARS and NIST800-171 compliance.  We have helped a number of entities in different industries become DFARS compliant.   We use an iterative approach to get you compliant as quickly and efficiently as possible, ensuring immediate results.

Please contact us today to learn how we can help.

Gap Analysis

The first step towards DFARS compliance is determining the current state of your environment versus NIST 800-171.  CDG will conduct a Risk Assessment and Gap Analysis which will illustrate the roadmap to DFARS compliance.


After the gaps are determined, CDG will create a roadmap which will ensure compliance by the Dec 31, 2017 deadline.  CDG can also augment your internal team to assist with remediation efforts.