Skip to content

Member News

Dox adds another Certified CMMC Professional to their team

May 2, 2023

The addition of another Certified CMMC Professional sets Dox apart as being one of the most educated and experienced cybersecurity companies working to enhance the way organizations handle CUI.


Dox Electronics, Western New York’s premier technology and IT support company offering consulting, audit readiness assessments, and cybersecurity support, is enhancing their status as a preeminent registered practitioner organization by gaining another Certified CMMC Professional (CCP) to their staff roster.

Individuals holding a CCP certification have an elevated level of knowledge, insight, and preparedness when it comes to assessing the technical, physical, and administrative controls in place to safeguard Controlled Unclassified Information (CUI) of companies working with the U.S. Department of Defense (DoD) or critical infrastructure. Dox assessments performed by CCPs help organizations identify and overcome data vulnerabilities, allowing these companies to make remediation efforts to curtail the theft of unclassified information, protect the data of individuals and organizations working on contracts, and preserve the integrity of privileged information used to support the defense undertakings of the United States -- efforts that are becoming ever more pressing in today’s political and military climate.

Patrick Shaw, Dox’s Senior Assessment Manager, is the latest team member to achieve CCP status. Shaw joins the elite rank of just over 300 CCPs serving the United States, making Dox one of the highest credentialed businesses providing NIST 800-171 compliance audits and CMMC readiness assessments for contractors, subcontractors, and vendors dealing with government or critical infrastructure contracts. The Dox team consists of Registered Practitioners, Certified Information System Auditors, Security Analysts, Technical Writers, and now, multiple Certified CMMC Professionals.

“It’s an honor to be recognized among some of the most skilled and knowledgeable compliance experts in our industry and across our nation,” said Shaw. “Dox has always focused on supporting employees as we work to better ourselves and enhance our understanding of our field, thereby allowing us to better serve our customers."

Shaw spearheads Dox’s efforts to help companies identify gaps in their current cybersecurity processes, working to produce a detailed audit report that outlines strengths and weaknesses in a company’s quest for CUI regulation and NIST 800-171 adherence. Working against a set of 110 controls, a Dox team assessment evaluates an organization’s security protocols, policies, and practices using a standard protocol to identify their level of maturity, reliability, and strength. The result of this assessment is a determination of the organization’s security maturity level, which is backed by a Supplier Performance Risk System (SPRS) score that is considered by contracting officers when new contracts are awarded or existing contracts renewed.

If your organization deals with CUI or needs to adhere to NIST 800-171 requirements, reach out to the experienced team at Dox to complete your gap analysis and readiness assessment.

About Dox Electronics, Inc. 
Since 1982, Dox Electronics has offered bespoke information technology services that help businesses address costly barriers preventing alignment of the organizational IT roadmap to strategic goals and initiatives. Dox is currently focused on supporting organizations that need to comply with State and Federal Security regulations like PCI-DSS, HIPAA, SCADA, DFARS, NYS DFS, NIST 800-171, and CMMC. Dox is a CMMC Registered Provider Organization (RPO) and has completed over 300 assessments for organizations seeking NIST 800-171 or CMMC Level 2.0 certification.

About Patrick Shaw 
Shaw started at Dox in 2012 as a LAN Engineer and quickly advanced into a security auditor to fill the market demand around organizations needing first-in-class comprehensive assessments. Throughout his time at Dox, Shaw has participated in hundreds of assessments covering administrative, technical, and physical controls. He holds the following designations: Registered Practitioner Advanced (RPA), Certified Information Systems Auditor (CISA), and Certified CMMC Professional (CCP).


Scroll To Top