Compliance

CMMC Level 1 (Foundational)

The basic CMMC tier requiring 17 cybersecurity practices for protecting Federal Contract Information. Allows annual self-assessment.

Related Terms

CMMC

A DoD framework requiring defense contractors to meet specific cybersecurity standards before handling federal contract information.

FCI

Information not intended for public release that is provided by or generated for the government under a contract to develop or deliver a product or service.

CMMC Level 2 (Advanced)

The mid-tier CMMC level requiring all 110 NIST SP 800-171 controls. Most contracts involving CUI require this level with third-party assessment.

Related Guides

CMMC Compliance Guide→

← Back to Glossary