Ask an Expert
Tel: +1-281-673-2800
Find an Office
Email Us

Joint Surveillance Voluntary Assessment Program (JSVAP)

Joint Surveillance Voluntary Assessment Program

The Joint Surveillance Voluntary Assessment Program (JSVAP) is a critical step in demonstrating that Defense Industrial Base (DIB) contractors have the cybersecurity maturity required to be a Department of Defense (DoD) trusted partner.  As a Certified Third-Party Assessment Organization (C3PAO) authorized by the CMMC Accreditation Body (Cyber AB) and Licensed Training Provider (LTP), ABS Quality Evaluations (ABS QE) is nominating DIB Contractors to take part in the JSVAP.

What is the Joint Surveillance Program?

The JSVAP is a joint assessment program authorized by the Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) that allows DIB contractors with an active DoD contract to undergo a DIBCAC NIST 800-171 assessment.

Once all 110 of the NIST 800-171 controls are met, the contractor will achieve DIBCAC NIST 800-171 compliance, and DIBCAC will record a score in the Supplier Performance Risk System (SPRS). DIBCAC NIST 800-171 compliance is required to be eligible for a Level 2 CMMC certification valid for three years once federal rulemaking is in effect.

Become an Early Adopter

The best time to comply with CMMC 2.0 was yesterday—the next best time is today. Give your organization a competitive advantage and eliminate the need to wait in line once certifications are mandatory. 

As a C3PAO, ABS QE can nominate your organization for a DIBCAC High assessment. Upon successfully meeting all requirements, your organization will automatically become eligable to receive a CMMC Level 2 certification once the CMMC rule is final. As an LTP certified by the Cybersecurity Assessor and Instructor Certification Organization (CAICO), ABS QE can conduct training courses for your team that aid with implementing the NIST 800-171 controls and meeting CMMC compliance requirements.

Train Your Team Today 

Our certified training courses can provide your staff with a better understanding of the CMMC program and the CMMC ecosystem, an in-depth understanding of NIST 800-171 control implementation and how to prepare for and conduct internal and external assessments. 

Preparing for CMMC compliance can be a long and arduous process. Training your staff on the necessary competencies can help ensure compliance and that day-to-day operations aren't negatively impacted. 

Why ABS Quality Evaluations?

We're a global leader in Certified Performance.

ABS QE is a Certified Third-Party Assessor Organization (C3PAO) authorized by the Cyber Accreditation Body (Cyber AB) and a licensed training provider (LTP) certified by the Cybersecurity Assessor and Instructor Certification Organization (CAICO) to provide CMMC assessment services and training.

Our cybersecurity services include CMMC training, self-assessments, readiness reviews, gap assessments, Joint Surveillance Voluntary Assessment Program (JSVAP) assistance and certifications for ISO/IEC 20000, ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27017, ISO/IEC 27018 and ISO/IEC 27701, among others.

C3PAO & LTP Certification

From the Knowledge Center

The Path To Success: CMMC 2.0 Compliance

The Path To Success: CMMC  2.0 Compliance

Do you understand the requirements of CMMC 2.0? Achieving and maintaining compliance is critical to continued business with the DoD.
Read More
Cybersecurity Maturity Model Certification

CMMC 2.0: The New Cybersecurity Program

While CMMC 2.0 borrows principles from well-known security standards, there is no substitute for compliance if you you want to meet the new contract requirements established by the DoD.Read More
Three Steps to CMMC 2.0 Implementation

Three Steps to CMMC 2.0 Implementation

If you're a contractor bidding on DoD contracts, CMMC certification is in your future. Discover the three steps to CMMC 2.0 implementation. 
Read More

Frequently Asked Questions (FAQ)


Should we just complete Level 1 certification because it is easier?


Why do we need a third party if we can conduct a self-assessment internally?


We already have good cybersecurity systems in place; why do we need an assessment?


Why do I need to start my CMMC assessment now - don't we have a few years to comply?


What is a CMMC Gap Assessment and what steps are included?


What is a CMMC Readiness Review and what areas are assessed?


Back to top