Today at FABTECH,PaperlessParts, the leading estimating and quoting platform for job shops and contract manufacturers, announced that it has completed its Federal Risk and Authorization Management Program (FedRAMP) Moderate Equivalency audit, which was conducted by Schellman. This rigorous analysis of Paperless Parts’ security posture ensures that its customers are better positioned to meet Cybersecurity Maturity Model Certification (CMMC) framework requirements, as well as compliance requirements of International Traffic in Arms Regulations (ITAR), to pursue business with the U.S. Department of Defense. 

“Protecting our intellectual property is critical to our national defense,” said Jason Ray, Co-Founder & CEO of Paperless Parts. “We take that responsibility very seriously, which is why we have invested so heavily in building out our platform and business operations to meet the strict standards outlined by FedRAMP.” 

The FedRAMP Moderate Equivalency audit validates Paperless Parts’ implementation of 325 controls within 17 different security control areas from NIST 800-53, allowing manufacturers in regulated environments to manage Controlled Unclassified Information (CUI). This level of investment will be crucial for Paperless Parts customers who plan to pursue CMMC certification. CMMC compliance standards are currently with the Office of Information and Regulatory Affairs (OIRA) for review and are expected to be live in government contracts by Q1 2025. 

“The work our engineering, security, and compliance teams have completed to implement the controls to meet FedRAMP Moderate Equivalency has established a strong foundation of technology, standardized process, and risk management at Paperless Parts,” said Jason Luce, SVP of Engineering at Paperless Parts. “This sets us up to protect our customers—and their customers—with the utmost level of security.”