Implemented, Basic Cyber Hygiene
Designed to meet the basic safeguards to protect Federal Contract Information (FCI). CMMC Level 1 requires all Defense Contractors to implement a systems security plan that defines and addresses the 17 safeguarding controls described in DFARS 7012 clause. CMMC Level 1’s universally accepted cybersecurity best practices and processes set the groundwork needed for full Level 2 compliance, specifically for companies who create, house or transmit Controlled Unclassified Information (CUI).
What is the difference between CMMC Level 1 and NIST 800-171?
A key difference between CMMC Level 1 and NIST 800-171 is that NIST 800-171 requires the on-going management of a systems security plan that addresses all 110 controls. CMMC Level 1 only requires the setup and documentation of basic 17 safeguards to ensure the protection of Federal Contract Information or other non-sensitive Defense data. Certain practices and procedures required in CMMC Level 1 serve to establish the most basic baseline cybersecurity hygiene and create a starting foundation.
Learn more about CMMC and explore the other levels
What is CMMC?Learn more about CMMC and explore the other levels
What is CMMC?Preparing for a CMMC Level 1 audit starts by taking a hard, thorough look at what cybersecurity measures your business currently performs and whether or not those processes are properly documented. From there, understand what gaps you have — both in terms of practice and documentation — based on what is required for Level 1 certification and begin to remedy those gaps. Once those gaps have been filled and an internal audit performed as a final check, then your business is ready to submit to a third-party auditor.
Practices that provide for a basic cybersecurity foundation and a systems security plan are the meat of CMMC Level 1. Training personnel on cybersecurity best practices and procedures, creating and maintaining system audit logs, limiting the use of portable storage devices and tracking access back to individual users to create accountability are some of the controls required in Level 1
Getting Your Business to CMMC Level 1 and Beyond
Whether CMMC Level 1 is your goal or just a stepping stone onto a higher level of cybersecurity, the experts at Hyper Vigilance are ready to help you prepare for your CMMC audit. Through tailored, time-saving, cost-effective strategies, we’ll create and implement a systems security plan that meets your cybersecurity needs and readies your business for the threats of the modern world. Contact Hyper Vigilance today to get started.