As of right now, none.

Peak InfoSec is an Authorized C3PAO. However, until the 32 CFR Part 170 CMMC Program rule is formally published, CMMC technically does not exist.

Once it is published, Peak InfoSec will be re-authorized by the CyberAB and allowed to conduct CMMC Conformity Assessments.