Find Out Which CMMC Level Applies to You
Not sure where your organization fits in the CMMC framework?
Take this short quiz to understand how the Cybersecurity Maturity Model Certification (CMMC) applies to your work. Based on your answers, you’ll learn which CMMC level is most likely relevant to your contracts and what that means for protecting Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).
Which CMMC Level
Are You?
Answer a few quick questions to find out.
Do you or your organization work on or support any Department of Defense (DoD) contracts or subcontracts, directly or through another contractor?
Do you receive or handle any information from the DoD?
Think about your daily work.
Do you view, share, or store information such as design files, project data, or personal details related to a government program?
Common examples may include, but are not limited to:
Technical data, blueprints, statements of work, system schematics, test data, invoices, schedules, or emails that reference contract-specific details.
Does your contract include any of these DFARS clauses?
252.204-7012, 7019, 7020, 7021
Do you work with Controlled Unclassified Information (CUI)?
Think about your daily work.
Do you view, share, or store information such as design files, project data, or personal details related to a government program?
Common examples may include, but are not limited to:
Technical data, blueprints, statements of work, system schematics, test data, invoices, schedules, or emails that reference contract-specific details.
Are you supporting a high-risk, national-security, or critical program designated by DoD?
Examples: weapons systems, sensitive R&D, special access programs, nuclear
One last step
Enter your work email to view your personalized recommendations.
Your Results
CMMC Levels
Think of this as locking your front door.
It’s about taking simple steps to keep everyday government information safe-things like using strong passwords, keeping your computer updated, and being careful about who can see your files.
This level is for companies that handle more sensitive information from the Department of Defense. It’s like having a lock, an alarm system, and cameras – extra layers of security to make sure important defense data stays safe from hackers or leaks.
This level is for organizations working on very sensitive or national security projects. It’s like having 24/7 guards and motion sensors – constant monitoring and advanced protection to defend against serious cyber threats.
