CMMC 2.0 Self-Assessment
Evaluate your organization's compliance with CMMC Level 1 and Level 2 requirements based on NIST SP 800-171 Rev 2.
Organization Information
Target CMMC Level
Level 1 — Foundational
FCI Protection
Practices (FAR 52.204-21)
Level 2 — Advanced
CUI Protection
Practices (NIST 800-171)
How This Assessment Works
This tool follows the design approach of the DOE's C2M2 assessment, adapted for CMMC 2.0 compliance. For each of the 110 NIST SP 800-171 security requirements, you will select an implementation status:
Your SPRS score (Supplier Performance Risk System) will be calculated automatically. SPRS scores range from 110 (all controls met) to -203 (no controls met). A score of 110 is required for full Level 2 compliance.
Assessment Results
Level 1 — Foundational (17 Practices)
Level 2 — Advanced (110 Practices)
Implementation Status by Domain
Stacked bar chart showing compliance distribution across all 14 CMMC domains