HPEAuditing, LLC
Precision Audits for Mission-Critical Success

High Performance Executive Auditing

CMMC & ISO readiness reviews, gap assessments, and audit preparation led by seasoned assessors. Serving U.S. and Europe.

Start a Readiness Review FAQs
Gary Mays headshot
Dr. Gary R. Mays, PMP
ISO Lead Auditor
Seasoned ISO 27001/20000-1/9001 auditor and former project engineer with extensive experience in global infrastructure programs. Recognized for clear scoping, disciplined sampling methodologies, and delivery of actionable reports that drive compliance and operational excellence.
  • Lead ISO 27001, 20000-1, and 9001 audit experience
  • Infrastructure, cloud, and global operations programs
  • Evidence-driven, board-ready reporting
Email: garymays@hpeauditingllc.com
LinkedIn: linkedin.com/in/maysgr/
Judy Mays headshot
Judy A. Mays
CMMC Consultant / Auditor
Certified CMMC CCA (with Lead status verification pending), CISM, and CompTIA Security+ professional. Extensive experience in DoD IT infrastructure upgrades and expansions, including RMF assessments and ISO 9001 alignment, ensuring robust compliance and security solutions for mission-critical environments.
CMMC Certified Assessor (CCA) badge CMMC Certified Professional (CCP) badge
CMMC Certified Assessor (CCA) & Certified Professional (CCP)
  • DoD acquisition and IT infrastructure experience
  • Governance, risk, and compliance leadership
  • CMMC, NIST, and DFARS-aligned cybersecurity programs
Email: judymays@hpeauditingllc.com
LinkedIn: linkedin.com/in/judithmays/

Contact & Readiness Intake

Prefer email? Contact us at information@hpeauditingllc.com.

For a readiness conversation, we typically ask for:

  • Name · Company
  • Work Email · Phone (optional)
  • Target framework & timeline
  • Brief notes on scope and locations

Compliance note: Please do not submit CUI/PII via this form or by email. Basic contact details only.

Typical scoping calls cover current certifications, environment size/complexity, evidence readiness, and timeline expectations.

FAQ

How long does a readiness review take?
What evidence do you typically request?
Do you both consult and assess for the same client?
How do you support boards and senior leadership?

We maintain independence per C3PAO/ISO norms and do not provide consulting services to organizations we assess.

Free Resource

Our CMMC Level 2 readiness checklist (PDF) is in development. It will summarize typical artifacts, control owners, and common evidence gaps.

Download (coming soon)

Affiliations & Memberships

Cyber AB logo ISACA logo PMI logo

Logos shown for identification only. Click a logo in your browser to visit the organization’s site (where enabled).