Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Manufacturing Extension Partnership (MEP)

Nelson Engineering Finds Cost-Effective Path to CMMC Compliance with Arizona MEP

With the help of: Arizona Manufacturing Extension Partnership (Arizona MEP)

About

Nelson Engineering, an Arizona-based aerospace manufacturer, works with customers that require strict protection of federal Controlled Unclassified Information (CUI). The U.S. Department of War (DoW) now includes Cybersecurity Maturity Model Certification (CMMC) compliance in contracts, which outline the requirements for CUI protection. To remain competitive and meet customer requirements, Nelson Engineering needed to achieve CMMC Level 2 compliance aligned with NIST SP 800-171.

The Challenge

Like many small manufacturers, Nelson Engineering faced CMMC compliance with limited internal resources. Between building in-house expertise, balancing staff time, managing budgets, and handling the extensive documentation requirements, the process quickly became challenging. Nelson Engineering turned to the Arizona Manufacturing Extension Partnership (Arizona MEP) for help. From the first conversation, Arizona MEP focused on making the CMMC process understandable, achievable, and cost-effective for a small business.

Arizona MEP took the time to understand how we operate and guided us through every step. They provided a clear, well-structured path to CMMC compliance and built a partnership we trust.

— Pepsi Rodarte, Compliance & FAA Acountable Manager

MEP's Role

Arizona MEP delivered a well-defined, fixed-price engagement and outlined a structured compliance roadmap. The project began with a comprehensive CMMC/NIST SP 800-171 gap assessment, resulting in a clearly organized System Security Plan (SSP) and a draft Plan of Action & Milestones (POA&M). Rather than overwhelming the team, Arizona MEP broke the process into manageable steps.

Weekly working sessions were held to review the SSP, assign actionable tasks, and track progress. Each meeting closed out completed items and identified the next priorities, ensuring steady forward momentum. When questions arose between meetings, Arizona MEP remained readily available to provide clarification and guidance, keeping the project on schedule.

Results and Impact

Through the engagement, Nelson Engineering's team developed a strong understanding of CUI protection, required security controls, and how to implement policies and procedures that fit its business without adding unnecessary complexity. Customers were informed about the company's proactive compliance efforts, which reinforced trust and demonstrated a strong commitment to cybersecurity. CMMC compliance helped Nelson Engineering retain $2 million in sales and six jobs. The project also strengthened external relationships. Nelson Engineering evaluated its service providers; CMMC readiness and, when gaps were identified, confidently referred partners to Arizona MEP.

A Trusted Partner for Compliance

For Nelson Engineering, the value of working with Arizona MEP went beyond technical expertise. Arizona MEP understood both the aerospace industry and the realities of operating as a small manufacturer. Transparent pricing, clear expectations, and a practical implementation strategy made planning and execution far more predictable.

Results

CMMC compliance helped Nelson Engineering retain $2 million in sales
CMMC Compliance enabled the company to retain 6 jobs

Congressional District

4th District

5th District

7th District

Download PDF

Download Success Story PDF

MEP Center Contact

100 N. 7th Avenue
Suite 400
Phoenix, AZ 85007-2770
United States

+1 (602) 845-1200

davidg [at] azcommerce.com

https://www.azcommerce.com/programs/arizona-mep/

Created February 12, 2026

Was this page helpful?