Download Personnel Security Rubric

​The recent release of Cybersecurity Maturity Model Certification (CMMC) 2.0 has spawned a tremendous volley of questions, such as: “How does CMMC 2.0 affect my company?” and “Does CMMC 2.0 give my company more time to demonstrate compliance?” Simply put, CMMC 2.0 has not changed any of the DIB’s obligations to demonstrate compliance with NIST SP 800-171 or its requirement submit and maintain accurate Supplier Performance Risk System (SPRS) self-attestation. In fact, NIST SP 800-171 compliance has been mandatory since January 01, 2018 and SPRS since 2020 (reference: DFARS 252.204-7021, DFARS 252.204-7012, DFARS 252.204-7019, and DFARS 252.204-2020). NIST SP 800-171 compliance, and by definition, CMMC 2.0 compliance, applies to ALL DoD contractors and their subcontractors because they are all part of the DoD supply chain, and the DoD supply chain is essential to national security.

Many small and medium sized businesses don’t believe that compliance applies to them since they don’t have any employees with DoD security clearances and they don’t plan on hiring any. Compliance requires all DoD contractors and subcontractors, regardless of DoD security clearance, must safeguard controlled unclassified information (CUI) and provide adequate security for all covered contractor information systems. Compliance also means that the DoD shall verify a contractors and subcontractors compliance prior to contract award. Shockingly, many small and medium size businesses are at risk of losing new and existing contracts and subcontracts because of misconceptions and fears.

We invite you to download SoundWay’s Personnel Security Guidance Rubric; Assistance for CMMC Compliance. Our Personnel Security Guidance Rubric is a one-of-a-kind approach for objectively determining how an employee’s background may impact their employment and your business. Remember, this is for all employees, not just those with security clearances.

If you have questions regarding our Personnel Security Guidance Rubric or CMMC 2.0 compliance, please contact us at

Please complete the following form to download the FREE Personnel Security Rubric to use as needed.

Download Personnel Security Rubric
Email address is not accepted. Please use an email address with a company domain. Gmail, Hotmail and other service addresses are not accepted.