Service-Disabled Veteran-Owned Small Business (SDVOSB) delivering cybersecurity governance, defense compliance advisory, and supply chain risk governance for organizations operating in regulated and high-trust defense environments.

Stella Maris Governance supports defense contractors, subcontractors, and supply chain participants preparing for CMMC Level 2 certification, DFARS compliance scrutiny, and supply chain enforcement requirements. All engagements are assessment-focused, fixed-fee, milestone-based, and structured for third-party assessor review.

• CMMC Level 2 Readiness & Advisory — Structured, phase-based readiness validation aligned to NIST SP 800-171 and CMMC Level 2 practice requirements
• NIST SP 800-171 Program Development — Gap analysis, SSP development, POA&M structuring, and evidence framework design
• DFARS 252.204-7012 / 7019 / 7020 Alignment — Flow-down obligation identification, subcontractor compliance support, and assessment preparation
• Supply Chain Risk Governance — Vendor tiering, supplier oversight frameworks, and C-SCRM program design aligned to NIST SP 800-161
• Ongoing Governance Retainers — Quarterly compliance validation, control drift monitoring, and evidence refresh

Stella Maris Governance is built on four principles:

Governance before theater. Security and compliance programs must be documented, repeatable, and defensible — not assembled at assessment time.

Evidence over assertion. Every claim maps to an artifact, a control, a procedure, and an operational record.

Practical implementation. Advisory work translates into executable operating models, not slideware.

Supply chain credibility. Small firms supporting the Defense Industrial Base must present the discipline, documentation, and delivery structure expected of prime contractors and large integrators.

This GitHub organization provides a transparent view of Stella Maris Governance public methodologies, frameworks, and selected client-safe artifacts. Reviewers will find:

• Firm capabilities and teaming materials
• Formal consulting methodology and engagement governance framework
• CMMC, NIST SP 800-171, and DFARS-aligned readiness artifacts
• Supply chain risk governance frameworks and supplier oversight templates
• Sanitized governance, risk, and compliance templates

This organization is intentionally curated. Client workpapers, internal delivery systems, sensitive operational methods, and proprietary tooling are maintained within the firm's internal source control environment and are not published here.

Stella Maris Governance was founded by Robert J. Myers, a U.S. Navy veteran (E-6, Petty Officer First Class) with over 20 years of federal governance experience spanning Navy operations, Department of Justice, and defense aerospace environments.

Robert holds 23+ industry certifications across cybersecurity, cloud security, identity governance, and financial operations — including CompTIA Security+, CCZT, FOCP, and ISC2 credentials — and is pursuing CMMC Registered Practitioner (RP) certification through CyberAB.

The firm combines governance discipline, operational practicality, and implementation focus to deliver credible compliance capability without enterprise consulting overhead.

Stella Maris Governance actively pursues teaming arrangements with prime contractors supporting the Defense Industrial Base. The firm holds SDVOSB certification and maintains SAM.gov registration.

For teaming inquiries, subcontracting discussions, or capability reviews:

• Website: stellamarisgovernance.com
• Email: robert@stellamarisgovernance.com

Stella Maris Governance LLC — Governance, compliance, and operational discipline for high-trust defense environments.