White Plains, Maryland – September 22, 2025 – inDirectIT Inc., a leading provider of CMMC compliance and managed services, announced it has successfully achieved Cybersecurity Maturity Model Certification (CMMC) Level 2. This milestone validates inDirect IT’s adherence to the rigorous standards outlined in NIST SP 800-171 and reinforces the company’s role as a trusted advisor for defense contractors preparing for Department of Defense (DoD) compliance requirements.
The CMMC framework is designed to safeguard Controlled Unclassified Information (CUI) across the Defense Industrial Base. Achieving Level 2 certification requires organizations to demonstrate not only technical cybersecurity safeguards but also operational maturity in implementing and sustaining them. inDirect IT’s certification signals that its internal practices meet the same standards the company helps clients achieve.
This announcement comes ahead of the 48 CFR CMMC Final Rule taking effect on November 10, 2025. With certification deadlines approaching, inDirect IT continues to strengthen its position in the ecosystem, providing proven guidance to contractors navigating the transition to CMMC compliance under the finalized rule.
“Our Level 2 certification affirms that we meet the same standards we advise our clients to achieve,” said RJ Williams, CEO of inDirect IT. “This credibility allows contractors to choose us to support them on their CMMC journey with confidence, clarity, and firsthand experience.”
“For years we’ve worked alongside clients to align their environments with CMMC and NIST requirements,” added Ryan Steger, CTO of inDirect IT. “By securing certification ourselves, we demonstrate that our methodology and approach are not only effective but also independently validated.”
With this certification, inDirect IT joins a select group of providers that have proven both technical expertise and disciplined compliance practices. The company’s MSP and compliance teams are uniquely prepared to help prime contractors and subcontractors alike prepare for CMMC requirements and third-party assessments.
About inDirect IT
inDirect IT Inc. delivers risk advisory, IT compliance, managed services, and cloud consulting to government and commercial clients. The company specializes in cybersecurity maturity, CMMC readiness and certification support, Microsoft 365 and Azure secure enclave design, and internal audit advisory. inDirect IT’s mission is to simplify the complex, clarify decisions, and deliver measurable results for clients across highly regulated industries.
For more information, visit www.indirectit.com.
Contact us today for a personalized consultation, comprehensive assessment, or detailed evaluation tailored specifically to your organization’s current compliance landscape.
