University of South Carolina Supplier systems #260185-01

CMMC Level 2 Certification and Compliance Services for University of South Carolina

The University of South Carolina is seeking qualified Certified Third-Party Assessment Organizations (C3PAOs) to provide comprehensive consulting and assessment services for achieving and maintaining Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance for its Carolina Enclave for Secure Research (CESR). - Government Buyer: - University of South Carolina - USC Purchasing Department - OEMs and Vendors: - No specific OEMs or product manufacturers are mentioned; the solicitation is for professional cybersecurity services from C3PAO-certified vendors. - Products/Services Requested: - CMMC Gap Assessment & Baseline Analysis - Comprehensive baseline assessment against CMMC Level 2 requirements, gap identification, and remediation roadmap - CMMC Implementation & Readiness Support - Support for GRC tooling, documentation, security controls, POA&M, risk assessment, and incident response planning - C3PAO Assessment Preparation & Support - Assistance with C3PAO selection, documentation preparation, SME support, and remediation - CMMC Level 2 Assessment & Certification - Formal assessment and certification issuance - Ongoing CMMC Compliance & Managed Oversight Services - Annual assessments, SPRS score maintenance, policy updates, access control reviews, and regulatory transition support - Unique or Notable Requirements: - Vendor must be a qualified C3PAO organization - Services must cover both initial certification and ongoing compliance oversight - Pricing is based on hourly rates for various cybersecurity roles - Contract term is up to five years (one base year plus four option years) - Place of Performance: - USC Purchasing Department, 1600 Hampton St, Suite 606, Columbia, SC 29208

Description

The University of South Carolina is soliciting bids from qualified C3PAO organizations to provide consulting services aimed at achieving and maintaining Cybersecurity Maturity Model Certification (CMMC) Level 2 readiness and certification. The contract involves fixed price bidding for services that support the university's cybersecurity compliance efforts. The solicitation requires sealed offers submitted by April 24, 2026, and includes provisions for editing submitted offers. The award will be posted publicly after the submission deadline.

View original listing