Current Status
Thank you for completing our CMMC questionnaire.
Your Compliance Score:
This score (out of 100) reflects your estimated compliance readiness based on your responses. A higher score means fewer security gaps.
✅ Your organization is making strong progress toward compliance.
You have many required controls in place, but some areas need improvement before you’re fully compliant. Addressing these remaining gaps will help ensure a smooth certification process.
🛠 Recommended Next Steps:
- ✔️ Finalize any “In Progress” security controls and test them for effectiveness.
- ✔️ Perform a mock CMMC assessment to identify potential weak spots.
- ✔️ Enhance documentation and evidence collection to streamline certification.
- 📢 You’re close! Address these final gaps to confidently meet CMMC 2.0 requirements. Contact TestPros for assistance.
📚 Resources
- Official DoD CMMC Program website: dodcio.defense.gov/CMMC
- DoD no-cost cybersecurity compliance resources: dibnet.dod.mil
- Additional cybersecurity resources:
- Locate a C3PAO: cyberab.org
- Obtain additional information on CMMC Assessments, Scoping, and Hashing: dodcio.defense.gov/cmmc/Resources-Documentation
- CUI Quick Reference Guide: dodcui.mil
- FedRAMP Moderate Authorized Service Providers: marketplace.fedramp.gov/assessors
Ready to take the next step? Contact us for assistance!
Follow us for updates:
If you need further assistance, feel free to contact TestPros.
[email protected]
Assessment Results
Email Address *
1. Have you conducted a CMMC self-assessment and documented the results?
2. Has your organization calculated its Supplier Performance Risk Assessment (SPRS) score, and is it up to date?
3. Do you have an up-to-date System Security Plan (SSP) that documents security practices?
4. Do you have a documented Plan of Action & Milestones (POA&M) to address compliance gaps?
5. Are access permissions enforced using role-based access control (RBAC) and the principle of least privilege?
6. Do all users, including privileged accounts, use multi-factor authentication (MFA) for system access?
7. Is there an automated system in place to track and log user access, authentication attempts, and privilege escalations?
8. Is Controlled Unclassified Information (CUI) stored, accessed, and protected in compliance with NIST 800-171 requirements?
9. Is all sensitive data encrypted both at rest and in transit using FIPS 140-2 validated encryption methods?
10. Do you conduct regular security risk assessments to identify vulnerabilities and track compliance progress?
11. Does your organization have a documented and tested incident response plan?
12. Are regular cyber incident simulations (e.g., tabletop exercises, red team assessments) conducted to evaluate response readiness?
13. Do all employees undergo cybersecurity awareness training at least annually?
14. Do you have a formalized process for onboarding and offboarding employees, including access control reviews?
15. Does your organization have a real-time security monitoring system in place to detect and respond to threats, vulnerabilities, and policy violations?
16. Do you have a dedicated compliance officer or team responsible for managing CMMC compliance?
Name:
Email:
Company:
State/Province and Country:
What Challenges
Are You Facing?
