Our History
Compass, Inc. (Compass) was founded in 2003, by Pat and Lexa Reuter.
Pat began his career at DMA in 1980. After 20 years Pat retired and
began working at a small business consulting for NIMA/NGA before
opening his own company to focus on work/life balance for the employee
while still performing the mission for the customer. To achieve this
balance, Compass brings world-class
benefits to our employees
including flexible time off and fringe benefits topped off by a
corporate office that cares about and listens to our employees.
Compass started with only three (3) employees in the first month, and
our first client was NIMA/NGA, which is still our biggest client
today. After winning a prime contract with NGA for resource, decision,
and acquisition support personnel, the company truly started on its
growth trajectory. This first prime contract allowed us to open a
second office located in Huntsville, AL. Since that time, we have
diversified with awarded contracts at additional DOD/IC clients .
With headquarters in Winchester, VA, Compass is a small business that
is 100% focused as a DoD/IC-focused professional service provider. We
work to maintain a strong company culture built upon maintaining our
commitment to the mission, technical prowess, professionalism, and
(above all) our employees’ work satisfaction. We provide Advisory and
Assistance Services (A&AS) and System Engineering and Integration
(SE&I) to our government and business partner customers. We strive to
maintain a non-conflicted Organizational Conflict of Interest (OCI)
profile as trusted and assured personnel expertise for critical DoD/IC
missions through life-cycle acquisition management and technical
support services.
Our Current and Former Clients
CMMC Certification
Compass, Inc. has successfully completed an independent Cybersecurity Maturity Model Certification (CMMC) Level 2 assessment conducted by an accredited CMMC Third-Party Assessor Organization (C3PAO). Our assessed information system was validated as conforming to the security requirements defined in NIST SP 800‑171 Revision 2, as incorporated into the CMMC Program Rule (32 CFR Part 170), for all in‑scope Controlled Unclassified Information (CUI).
This certification attests to the successful implementation and documentation of all required Level 2 practices across the system boundary, including access control, audit and accountability, configuration management, incident response, risk management, system and information integrity, and all other domains outlined in the CMMC Level 2 model. All evidence, artifacts, and objective assessment activities were completed in accordance with the standardized CMMC assessment procedures maintained by the DoD. It affirms that Compass, Inc. maintains the necessary technical, administrative, and operational safeguards to process, store, and transmit CUI within the assessed enclave.
Compass, Inc. continues to maintain assessment validity, including ongoing adherence to NIST SP 800‑171 controls, continuous monitoring activities, configuration management discipline, and prompt remediation of any identified deficiencies. These efforts are integrated with our ongoing compliance with DFARS 252.204‑7012, DFARS 252.204‑7021, and other contractual cybersecurity obligations applicable to our work.
ISO Certifications
International Organization for Standardization 9001:2015 (9001) is a globally adopted standard for Quality Management Systems (QMS). The standard was derived from the collective experience of international experts who participated in the ISO Technical Committee ISO/TC 176 Quality Management, and Quality Assurance. Organizations can use the certification to improve organizational quality across any business field or industry and must re-certify standards compliance every three years and undergo third-party surveillance audits each year.
Compass’s QMS first achieved ISO 9001 certification in 2014 and uses the standard’s principles to guide us in improving performance. Our certified QMS has produced numerous benefits for the organization and our customers in areas such as process planning, continual improvement, more efficient solution development, fewer errors, and faster issue resolution. Compass’s commitment to repeatable, controlled processes is demonstrated in our high customer satisfaction.
International Organization for Standardization 20000-1:2018 (20000-1) is an international standard covering Service Management Systems (SMS), and was developed using IT Infrastructure Library (ITIL®) framework best practices. Compass's SMS first achieved ISO 20000-1 Service Management Systems (SMS) certification in 2021. Certification of Compass's system demonstrates a commitment to our customers by anticipating their needs and enabling effective responses to those needs with high-quality services through the planning, design, transition, delivery, and improvement of an SMS using a coordinated set of policies, processes, organizational structures, and people involved in managing services. ISO 20000-1 principles have also improved internal corporate functions by aligning our SMS processes to improve service delivery efficiency while maintaining high customer satisfaction.
International Organization for Standardization 27001:2022 (ISO 27001) is an international standard for specifications of an Information Security Management System (ISMS). The ISMS emphasizes Compass management’s commitment to ensuring the confidentiality, availability, and integrity of information by the implementation of security controls based on risk factors. ISO 27001 not only covers security for electronic information but extends to physical resources and proprietary knowledge of employees. This holistic approach to information security demonstrates credibility, trust, and confidence to all customers, stakeholders, and partners. Compass’s ISMS first achieved ISO 27001 certification in 2021. We continue to actively monitor, review, maintain and mature our ISMS to protect Compass’s business-sensitive and confidential information through ongoing operations, risk assessments, and risk mitigation planning.