<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url><loc>https://www.thesherpa.us/</loc></url>
<url><loc>https://www.thesherpa.us/cmmc-cui-enclave</loc></url>
<url><loc>https://www.thesherpa.us/cmmc-consulting-services</loc></url>
<url><loc>https://www.thesherpa.us/soc2-compliance-services</loc></url>
<url><loc>https://www.thesherpa.us/iso-27001-compliance</loc></url>
<url><loc>https://www.thesherpa.us/cybersecurity-risk-management-solutions</loc></url>
<url><loc>https://www.thesherpa.us/iso-22301-compliance</loc></url>
<url><loc>https://www.thesherpa.us/ccpa-compliance</loc></url>
<url><loc>https://www.thesherpa.us/gdpr-compliance</loc></url>
<url><loc>https://www.thesherpa.us/penetration-testing-service</loc></url>
<url><loc>https://www.thesherpa.us/vulnerability-scanning-services</loc></url>
<url><loc>https://www.thesherpa.us/hipaa-compliance</loc></url>
<url><loc>https://www.thesherpa.us/about-us</loc></url>
<url><loc>https://www.thesherpa.us/contact</loc></url>
<url><loc>https://www.thesherpa.us/fci-compliance</loc></url>
<url><loc>https://www.thesherpa.us/vciso-consulting-services</loc></url>
<url><loc>https://www.thesherpa.us/iso-9001-compliance</loc></url>
<url><loc>https://www.thesherpa.us/blog</loc></url>
<url><loc>https://www.thesherpa.us/blog/cmmc-sprs-changes-explained</loc></url>
<url><loc>https://www.thesherpa.us/blog/what-level-of-cmmc-do-you-need</loc></url>
<url><loc>https://www.thesherpa.us/blog/the-cmmc-clock-just-started-how-dfars-252.204-7021-is-already-impacting-dod-contracts</loc></url>
<url><loc>https://www.thesherpa.us/blog/cmmc-final-rule-2025-what-federal-contractors-must-do-now</loc></url>
<url><loc>https://www.thesherpa.us/blog/the-compliance-blind-spot-that-could-jeopardize-your-federal-contracts</loc></url>
<url><loc>https://www.thesherpa.us/blog/the-overlooked-security-risk-lurking-in-your-office-network-printers</loc></url>
<url><loc>https://www.thesherpa.us/blog/is-your-cyber-insurance-policy-a-safety-net-or-a-liability</loc></url>
<url><loc>https://www.thesherpa.us/blog/a-compliance-first-mindset-limits-liabilities-for-smbs</loc></url>
<url><loc>https://www.thesherpa.us/blog/the-silent-danger-a-powerful-lesson-for-every-business</loc></url>
<url><loc>https://www.thesherpa.us/blog/get-ready-for-cmmc-requirements-now</loc></url>
<url><loc>https://www.thesherpa.us/blog/the-interim-dfars-rule-and-what-it-means-for-you</loc></url>
<url><loc>https://www.thesherpa.us/blog/data-privacy-vs-data-security-a-closer-look</loc></url>
<url><loc>https://www.thesherpa.us/blog/the-basics-of-cybersecurity-what-every-small-business-owner-must-know</loc></url>
<url><loc>https://www.thesherpa.us/blog/5-ways-to-combine-compliance-and-cybersecurity-best-practices-to-improve-outcomes</loc></url>
<url><loc>https://www.thesherpa.us/blog/8-elements-of-a-business-impact-analysis-for-compliance</loc></url>
<url><loc>https://www.thesherpa.us/blog/understanding-hipaa-nist-and-cmmc</loc></url>
<url><loc>https://www.thesherpa.us/blog/compliance-and-cybersecurity-why-both-are-important</loc></url>
<url><loc>https://www.thesherpa.us/blog/5-benefits-of-iot-installation-services-for-businesses</loc></url>
</urlset>