• Services
    • Links
      • SOC ASSESSMENTS
        • SOC 1
        • SOC 2
      • ISO CERTIFICATIONS
        • ISO 27001
        • ISO 27701
        • ISO 22301
        • ISO 42001
      • HEALTHCARE ASSESSMENTS
        • All Healthcare
        • HITRUST
        • HIPAA
      • Federal Assessments
        • All Government
        • FedRAMP
        • StateRAMP
        • FISMA
        • CMMC
        • NIST 800-171
      • PCI Assessments
        • PCI DSS
        • PCI SSF
      • Cybersecurity
        • Penetration testing
        • Red team services
        • Ransomware preparedness assessment
        • Social engineering
        • Vulnerability assessment service
      • Privacy
        • GDPR
        • CCPA/CPRA
      • International Services
      • Additional Services
        • Microsoft SSPA
        • NIS2 Directive
        • C5 Attestation
        • SOX 404
        • CSA STAR
        • Business Continuity & Disaster Recovery
        • Limited Access Death Master File
    • FEATURED RESOURCES
      • What is SOC 2? Complete Guide to SOC 2 Reports and Compliance

        SOC 2

        Menlo Security reduces evidence collection time by 60% with consolidated audit approach 

        ISO 27001SOC 2

        ISO 42001 Checklist – Prepare for AI Compliance 

        ISO 42001

        CMMC Buyer’s Guide: How To Choose a C3PAO

        CMMC
  • Technology
  • About Us
    • Our Company
    • Meet our team
    • Board of Directors
    • Partners
    • Events
    • Careers
  • Resources
  • A-SCEND Login
  • Careers
CONTACT US

CMMC checklist

Your guide to preparing for CMMC certification

The Cybersecurity Maturity Model Certification (CMMC) program was developed by the Department of Defense (DoD) to ensure contractors and subcontractors implement cybersecurity controls and processes that adequately protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) residing on Defense Industrial Base (DIB) systems and networks.

feature CMMC Checklist 1 0

Download your checklist

Download the checklist to learn how to:

Understand CMMC program requirements and NIST 800-171 Rev 2

Identify CMMC level, in-scope assets, and gaps in your compliance program 

Prepare an implementation plan, documentation, and for your C3PAO assessment 

Choose a C3PAO and undergo the assessment

Continuously improve your CMMC compliance and adhere to future requirements

5,700+ companies trust A-LIGN for their compliance and cybersecurity needs

WS client OpenGov
WS client MicroStrategy (1)
WS client InEignt
WS client Juvare
WS client nuvolo (1)
WS client Peraton

A top FedRAMP assessor with extensive experience in NIST frameworks

1K+ federal assessments
completed
#3 FedRAMP assessor
96% client satisfaction
rating
100% FedRAMP PMO
acceptance

One stop for all your compliance efforts

A-LIGN leverages a vast network of resources, experience, and professional relationships to ensure your organization is ready and approved to support government agencies, minimize risks, and keep their data safe against cybersecurity threats.

FedRAMP


If you are a Cloud Service Provider (CSP) currently providing, or seeking to provide, services to federal agencies, A-LIGN can make your FedRAMP process seamless. We will support you during your entire FedRAMP journey, from readiness to authorization.

Learn More

FISMA


A-LIGN’s expert federal assessors can help your company meet FISMA’s requirements for all agencies to develop, document, and implement an information security and protection program.

Learn More

NIST 800-171


As an organization interested in working on a federal contract, you must implement the appropriate NIST 800-171 controls. These cybersecurity control measures protect vital information in nonfederal systems and organizations.

Learn More

SOC 1 audit
SOC 2 audit framework
A LIGN ISO 27701 1

CMMC Resources

resource feature What is CMMC 1 1
Blog

What Is CMMC 2.0? A Guide to CMMC Compliance Requirements for Defense Contractors 

CMMC
resource feature CMMC Buyers Guide 1 1
Blog

CMMC Buyer’s Guide: How To Choose a C3PAO

CMMC
resource feature The CMMC Assessment Process 1 1
Blog

Breaking Down the CMMC Assessment Process

CMMC
netcov 1200x1200

“Having an assessor like A-LIGN, who can crosswalk multiple frameworks, has been a huge time saver for us. Utilizing evidence across various audits has been phenomenal as we continue to add requirements to our stack.”

Bridget Wilson, SVP of Governance, Risk & Compliance of Network Coverage

READ THE FULL CASE STUDY
Gradient Map 3 blue

Get your guide to CMMC certification

From readiness to certification, A-LIGN has everything you need to work with the Department of Defense. Download our checklist to help your organization prepare to achieve certification success.

DOWNLOAD THE CHECKLIST
  • Services
  • Software
  • About us
  • Partners
  • Careers
  • ISO Certificate Directory
  • Privacy Policy
  • Cookie Policy
  • Impartiality and Inquiries
  • Terms of Use
  • Sitemap
CONTACT US

Price and Associates CPAs, LLC dba A-LIGN ASSURANCE is a licensed certified public accounting firm registered with the Public Company Accounting Oversight Board (PCAOB). A-LIGN Compliance and Security, Inc. dba A-LIGN is a leading cybersecurity and compliance professional services firm.

A-LIGN 2024. All rights reserved.

  • Services
    • SOC ASSESSMENTS
      • SOC 1
      • SOC 2
    • ISO CERTIFICATIONS
      • ISO 27001
      • ISO 27701
      • ISO 22301
      • ISO 42001
    • HEALTHCARE ASSESSMENTS
      • All Healthcare
      • HITRUST
      • HIPAA
    • Federal Assessments
      • All Government
      • FedRAMP
      • StateRAMP
      • FISMA
      • CMMC
      • NIST 800-171
    • PCI Assessments
      • PCI DSS
      • PCI SSF
    • Cybersecurity
      • Penetration testing
      • Red team services
      • Ransomware preparedness assessment
      • Social engineering
      • Vulnerability assessment service
    • Privacy
      • GDPR
      • CCPA/CPRA
    • Additional Services
      • Microsoft SSPA
      • NIS2 Directive
      • C5 Attestation
      • SOX 404
      • CSA STAR
      • Business Continuity & Disaster Recovery
      • Limited Access Death Master File
  • Technology
  • About Us
    • Our Company
    • Meet our team
    • Board of Directors
    • Partners
    • Events
    • Careers
  • Resources
  • A-SCEND Login
  • Careers
CONTACT US