Washington, DC-based managed IT and compliance provider passes independent C3PAO assessment with zero findings and no open POA&Ms.
WASHINGTON/MINNEAPOLIS, April 21, 2026 – Teal, an independently owned CMMC managed IT services company, has achieved Cybersecurity Maturity Model Certification Level 2 following an independent assessment by an accredited CMMC Third-Party Assessment Organization (C3PAO). The company received a perfect score of 110 out of 110, confirming full implementation of every security control in NIST SP 800-171.
A perfect CMMC Level 2 score is uncommon. Most organizations that pass the assessment do so with findings or an open Plan of Action and Milestones – meaning documented gaps that must be closed under a remediation plan. Teal’s score means there is no ambiguity about its compliance posture.
“This result reflects years of building the program the right way – starting with scope precision, evidence traceability, and controls that are implemented properly,” said Reid Johnston, cofounder and Chief Intelligent Transformation Officer at Teal.
“And it doesn’t stop at our own certification,” said Gar Whaley, cofounder, Chief Revenue Officer, and CMMC Registered Practitioner at Teal. “We build client programs the same way we built our own. For defense contractors evaluating a compliance partner, our audit result is the most credible proof point we can offer.”
Factors that contributed to the company’s path to certification:
- RPO experience and regulatory depth: Teal is one of the first 62 Cyber AB-approved Registered Provider Organizations in the country, with years of hands-on experience supporting defense contractors through NIST 800-171 and DFARS requirements before CMMC enforcement began.
- Independently verified security standards: Teal holds third-party validations – including the ISO 27001 certification and the CompTIA Security Trustmark+ – which demonstrated the company’s security management practices before the CMMC assessment.
- Practitioner-led execution: The certification effort was led by the same team that builds client SSPs, defines CUI scope, and designs secure infrastructure – professionals with decades of direct assessment experience who know what defensible compliance looks like in practice.
CMMC enforcement is expanding across the defense industrial base, and the bar for what qualifies as a credible compliance partner is rising with it. Contractors working toward Level 2 certification can engage Teal CMMC with confidence, knowing that the program guiding their readiness has been independently validated to the same standard they are held to.
About Teal
Teal is an independently owned, managed IT services provider trusted by growth-focused executives at small and mid-sized businesses who demand high performance, strong security, and strategic impact. Every solution is engineered for measurable outcomes – from advising on AI policy and governance to developing IT strategies aligned with business objectives.
About Teal CMMC
Teal CMMC is Teal’s dedicated managed IT services brand for small defense contractors and suppliers, built to help them achieve CMMC readiness and maintain long-term compliance resilience. Level 2 compliance readiness is where the partnership starts. Growth is where Teal CMMC takes Defense Industrial Base contractors.
Services include comprehensive managed IT services, compliance consulting to identify CUI scope, NIST 800-171 gap analysis, readiness assessments, SSP/POA&M development, and secure enclave design – all anchored in a Microsoft-forward approach. With a strategic footprint in Washington D.C., and over 25 years of experience supporting contractors, Teal CMMC brings deep insights into DoD requirements, contracting cycles, and audit expectations.
Media Contacts
Brittany Watson, Marketing Manager
Office: (703) 740-8797
Email: info@tealtech.com
