CMMC Level 1 Requirements

The Level 1 practices establish a foundation for the higher levels of the model and must be completed by all certified organizations.

CMMC Level 1 is considered the basic cyber hygiene level and consists of the safeguarding requirements specified in 48 CFR 52.204-21 (“Basic Safeguarding of Covered Contractor Information Systems”).

The new CMMC is a complicated model that will require DoD contractors to review, assess and make necessary changes to cybersecurity controls to bid on future DoD contracts. The best place to start is a CMMC readiness assessment which will review your current infrastructure and identify the changes which need to be made.


Neena Shukla, CPA, CFE, CGMA, FCPA, CTP

Partner, Government Contracting Team Leader