CMMC Compliance Checklist
Your CMMC Compliance Checklist
- Become familiar with the terms, words, and requirements of the CMMC program.
- Understand your CUI flow and how you will implement the required safeguards to attain the needed level of controls and practices.
- Understand the various levels of certification and which level is most likely to apply to your organization. This will most often be disseminated by the prime contractor. We expect the majority of organizations to require meeting CMMC Level 2.
- Identify the gap between where you are and your desired objective.
- What obstacles stand in the way between where you are and where you need to be?
- Build and implement a plan. An advisor, provider, or consultant will likely be able to help with this process in the most efficient manner.
- In collaboration with external advisors and your internal stakeholders, create POAMs to incorporate the necessary controls and practices that will lead to certification. All POAMs must be completed before an assessment. What’s more, the solutions will need to demonstrate maturity in that they have been in place and functional over time.
- Establish CMMC champions within your organization and train your workforce to overcome any deficient areas as you progress towards certification.
- Commission an official assessment to be conducted by a C3PAO.
- Establish an ongoing plan to maintain processes and controls, while continuously improving.
- Determine if your organization needs to progress to a higher level of CMMC, i.e., move from L2 to L3.