CMMC Level 1 Compliance Service

Join the Movement

CMMC Level 1

CMMC Level 1 is a self assessment.  This process consists of 6 domains and 17 practices.

Access Control (AC)

AC.L1-3.1.1 – Authorized Access Control – Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems)
AC.L1-3.1.2 – Transaction & Function Control – Limit information system access to the types of transactions and functions that authorized uses are permitted to execute
AC.L1-3.1.20 – External Connections – Verify and control/limit connections to and use of external information systems
AC.L1-3.1.22 – Control Public Information

Identification and Authentication (IA)

IA.L1-3.5.1 – Identification – Identify information system users, processes acting on behalf of users, or devices.

IA.L1-3.5.2 – Authentication – Authenticate (or verify) the identities of those users, processes, or devices as a prerequisite to allowing access to organizational information systems

Media Protection (MP)

MP.L1-3.8.3 – Media Disposal – Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse.

Physical Protection (PE)

PE.L1-3.10.1 – Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals.

PE.L1-3.10.3 – Escort Visitors – Escort visitors and monitor visitor activity.

PE.L1-3.10.4 – Physical Access Logs – Maintain audit logs of physical access.

PE.L1-3.10.5 – Manage Physical Access – Control and manage physical access devices.

System and Communication Protection (SC)

SC.L1-3.13.1 – Boundary Protection – Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.

SC.L1-3.13.5 – Public-Access System Separation – Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.

System and Information Integrity (SI)

SI.L1-3.14.1 – Flaw Remediation – Identify, report, and correct information and information system flaws in a timely manner.

SI.L1-3.14.2 – Malicious Code Protection – Provide protection from malicious code at appropriate locations within organizational information systems.

SI.L1-3.14.4 – Update Malicious Code Protection – Update malicious code protection mechanisms when new releases are available.

SI.L1-3.14.5 – System & File Scanning – Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.


Key Reasons to Start with Level 1:

  • Foundation for Progression: Just like you can’t add floors to a building without a solid base, higher CMMC levels can’t be achieved without mastering Level 1 first. Each level builds upon the requirements of the previous one.
  • Sequential Certification Process: The Cybersecurity Maturity Model Certification (CMMC) operates in a sequential manner. Skipping levels isn’t an option, which means every organization needs to master Level 1 before moving on.
  • Essential Security Practices: Level 1 focuses on basic cybersecurity practices. These measures are vital for protecting against common threats like phishing or malware, which can disrupt operations and result in data breaches.

Embarking on this journey starts with securing the basics. By prioritizing Level 1, organizations ensure they are compliant and fundamentally secure, setting the stage for more advanced security measures in the future.

Check your CMMC Level 1 readiness.

Professional Consultation

Our knowledgeable professionals guide you through every phase of the certification process effortlessly.

Customized Strategies

We create solutions aligned with your business's specific compliance requirements.

CMMC Level 1 Compliance
CMMC Registered Practitioner

Thank you

Your form has been submitted. We will get back to you shortly.