CMMC Guide – CMMC 2.0 Levels
CMMC 2.0 Model Structure
Level 1: Foundational
- 17 Controls from NIST SP:800-171 (most current version)
- General contracts that do NOT have any CUI
- Estimated 120,000 companies
Level 2: Advanced
- All 110 controls from SP:800-171
- Contracts with DFARS Clause 252.254-7012 and/or Requirements for NIST SP:800-171
- Estimated 80,000 companies
Level 3: Expert
- 110 controls from SP:800-171 + All controls from NIST SP:800-172
- Contracts that are generally specific to Space and Military applications (Supporting Space Force, SOCOM, PAYCOM, etc.)
- Estimated 400-500 companies
CMMC 2.0 Compliance Tools and Resources for DoD Contractors and their Subcontractors
Does your Business Require an Independent CMMC Certification?
Out of approximately 200,000 Government Contractors supporting the United States Government, it is estimated that 80,000 will require an Independent Verification and Validation of the CMMC standard. SoundWay’s CMMC Quiz rapidly identifies if you will require a Certified Third Party Assessor Organization (C3PAO) and what is your current readiness based on a score.
Download CMMC Checklist
The Cybersecurity Maturity Model Certification (CMMC) has recently changed and is subject to future changes. SoundWay has created a checklist for evaluating your organization’s readiness. This list also includes commonly asked questions about CMMC with answers at no charge.
Download Personnel Security Rubric
Download SoundWay’s Personnel Security Guidance Rubric; Assistance for CMMC Compliance. Our Personnel Security Guidance Rubric is a one-of-a-kind approach for objectively determining how an employee’s background may impact their employment and your business.