Send us a text

In this episode of CMMC News, we explore the key guidance for conducting a Level 1 Cybersecurity Maturity Model Certification (CMMC) self-assessment. We discuss how to define the scope, including which assets—such as those processing, storing, or transmitting Federal Contract Information (FCI)—are included, and which, like IoT devices and Government Furnished Equipment, are excluded. Learn why no formal documentation is required for Level 1 and how to evaluate people, technology, and facilities involved in handling FCI. We also clarify the conditions for reassessments and the role of annual affirmations in maintaining compliance.

Need help with your CMMC self-assessment? Jun Cyber is here to guide you every step of the way. Contact us today for expert support in achieving and maintaining compliance with confidence!
Ref: https://dodcio.defense.gov/Portals/0/Documents/CMMC/ScopingGuideL1v2.pdf
Website: www.juncyber.com
Email: info@juncyber.com

Support the show