Show Policy

We Can Meet Your Cybersecurity Certification Needs

Whether you are here to learn more about ISO 27001, NIST SP 800-171, or both, Smithers is happy to help. Our approach to company assessments rests on more than thirty years of working as an accredited management system certification body. We will use our experience regardless of the type of assessment or assessments you need. 

Smithers differentiates ourselves through:

Service: Premier, proven, high-touch service.

  • Smithers will assign a single lead assessor to your account.

  • Lead assessor may work with a team, especially if you are undergoing an assessment for both ISO 27001 and NIST. You will have a dedicated contact to maximize efficiency and effectiveness.

  • Performance: Trust us for technical performance excellence.

  • Consistent and quality assessments based on 30 years of experience.

  • Holistic cybersecurity assessment of the entire organization instead of only those areas with controlled unclassified information in the case of NIST SP 800-171.

  • Dual certifications are possible – CMMC/NIST and internationally recognized ISO 27001 at a significant discount over two certifications.

  • this-or-that-644x350

    Pricing: Fair & competitive.

  • Evergreen pricing means no automatic annual audit pricing increases (prices quoted from initial certificationto recertification locked when proposal is accepted).

  • No deposits to secure audit dates – invoiced only after services are provided.

  • Level budgeting – annual surveillance pricing consistent year to year instead of an assessment budget spike every three years.

  • Account Management: Dedicated account management and operations team support.

  • Appropriate determination of scope and certification structure based on a collection of information, appropriate interfaces, inputs/outputs of sites.

  • Review process, scope, and answer any questions before the process begins.

    Leadership: Value-add of our technical scheme leadership and involvement.

  • Participation in standard-development committees.
  • Meet our leading cybersecurity expert.

  • Questions? Schedule a Meeting Today.

    Knowing who you want your assessor to be represents one part of the puzzle.

  • Do you need to be NIST-compliant as soon as possible?
  • Will you need to be assessed for CMMC once the rule is published?
  • Do you want to achieve compliance with ISO 27001 while working on NIST/CMMC?
  • Schedule a meeting with us at to ask questions that will help clarify your goals for 2024.