Aero-Glen International, LLC is a privately-owned small business established in 1976. Located in North Fort Worth, their results-driven and customer-centric culture has earned them a reputation as a reliable supply chain partner. Their focus is hardware distribution, build-to-print parts (including machined and sheet metal parts and assemblies) along with value-added Supply Chain services (including kitting and bin management). Aero-Glen provides key components to the Department of Defense (DoD) Defense Industrial Base (DIB).
Pioneers of the CMMC 2.0 Level 2 Certification
CMMC 2.0 is primarily based on NIST SP 800-171 guidelines. Together with Aero-Glen, TMAC covered each category of NIST SP 800-171 to determine the minimum defined expectation from NIST and DoD. TMAC used CMMC ePU Reference Documentation and tools licensed from DTC Global to provide definitive guidance. TMAC relied on these tools, its deep understanding of NIST SP 800-171, the TMAC assessment methodology and Darold Tippey’s 29 years of military experience in information security to review Aero-Glen’s business processes and control measures. During this assessment the combined Aero-Glen TMAC team identified and corrected areas of deviation in interpretation, handling of and response to required controls, identified potential gaps in compliance and refined the system. They used CMMC ePU Reference Documentation to develop “overwhelming evidence” of their compliance as they addressed gaps and non-conformities.
By studying Aero-Glen’s operations and processes, IT infrastructure, and the Quality Management System, the TMAC and Aero-Glen team ensured system elements aligned and worked effectively to help Aero-Glen pass the assessment. “This transformational project assured that operations, policies and procedures were aligned and more secure, improving the way Aero-Glen operated end-to-end, from customer orders to final delivery,” stated TMAC Cybersecurity Expert, Ghassan Khatib.
In September 2022, Aero-Glen completed the Joint Surveillance Voluntary Assessment Program with only 2 minor findings. The successful assessment means that Aero-Glen met their CMMC 2.0 Level 2 compliance and will be able to continue to uphold their DoD contracts.
This achievement proves successful not only for Aero-Glen, but also for TMAC, DTC Global, DoD, CMMC and NIST, demonstrating that compliance with cybersecurity requirements can be achieved effectively and practically within the CMMC scheme, even for small manufacturers. It will assure the safeguarding and security of sensitive DoD information, and enhance national security.
As a result of passing the assessment Aero-Glen is now eligible to retain their DoD contracts and compete for future contracts requiring CMMC certification. As an early adopter in the DIB, Aero-Glen is the first company nationwide to successfully pass the C3PAO assessment making them a lower risk for CUI. Such an accomplishment will make Aero-Glen a preferred supplier for DoD and their primes and gives a competitive edge. This enables Aero-Glen to more easily gain new DoD contracts with great growth potential.
First company/manufacturer to be
awarded CMMC certification
The first company to successfully pass a joint
DIBCAC/CMMC C3PAO assessment
Successfully completed their Joint Surveillance Voluntary Assessment for CMMC 2.0 certification
Will be the first company to be awarded CMMC 2.0 certification
for 3+ years once authorized
”Cybersecurity is a critical component of how we approach our markets, service our customers, and integrate with our daily processes. The TMAC team was great in taking a pragmatic approach to a complex set of requirements, and proved we can achieve a sustainable cybersecurity program while enabling the business.Zbigniew KaniewskiVice President IT and Continuous Improvement