We have sent you an email. Please check your inbox. If you cannot view it in your primary inbox, please check your Spam or Junk folder.
The Cybersecurity Maturity Model Certification (CMMC) is divided into three tiers, ranging from Fundamental to Professional ones. The objective of these levels is to assess the cybersecurity maturity of any organization using a predefined sequence of steps, practices, and areas of improvement.
The 17 controls present in the Level 1 of CMMC are premised on the FAR clause 52.204-21, Basic Safeguarding of Covered Contractor Information Systems. These are the regulatory target for DIB businesses that only deal with Federal Contract Information (FCI) and not Controlled Unclassified Information (CUI).
Level 1 Fact Sheet
Cybersecurity Maturity Model Certification (CMMC) Level 1 is applicable to organizations supporting the Department of Defense that handle or process Federal Contract Information (FCI).
Criteria for CMMC Level 1
CMMC Level 1 denotes the foundational cybersecurity preventive care for Defense Industrial Base companies (DIB). The central emphasis at this juncture is on safeguarding Federal Contract Information (FCI). The first level essentially sets up a robust cybersecurity groundwork for the next 4 phases in the ranking, and all companies must conform to the testing standards. The first level of CMMC also necessitates an annual self-assessment.
CMMC Level 1
Founded on Current Controls
Established on the 17 controls present in FAR 52.204-21.
Federal Contract Information (FCI)
Needed for any vendor that deals with FCI.
Needs the submission of an annual self-assessment.
Gaining Guidance with Level 1 Compliance
Despite the fact that these specifications are less rigorous than it is for the next levels of the CMMC needs, many enterprises are oblivious to their situation or might miss the mark in several areas. Therefore, hiring a qualified CMMC advisory service, such as VLC, is vital to ensure compliance and fulfill all the evolving regulations.
Get in Touch with us Today!