CMMC Gap Analysis
CMMC Gap Analysis Service
Before we can get you where you need to be (and know how much it will cost), let’s understand where you are today.
We do this through our Phase 1 CMMC Gap Analysis.
“We knew we were close [to being fully compliant] but found it well worth hiring you to do a CMMC Gap Assessment to identify our deficiencies on some of our internal procedures and supporting documents. And thank you for noting in your report where we’ve done a good job!”
– Director of a Minnesota-based technology company
Call for an Introductory No-Cost Consultation: 617.314.9721 x158
How We Work Together
KLC Consulting uses the current CMMC Assessment Guide published by the DoD to determine compliance through a CMMC Gap Assessment. We perform remote interviews with IT, operations, and management personnel to:
- Identify and discern the Controlled Unclassified Information (CUI) your organization handles
- Determine if the required security practices are followed for the 320 assessment objectives of NIST 800-171
- Evaluate whether CMMC requirements are met
- Analyze supporting evidence for each assessment objective
- Provide you with a list of Practices and Assessment Objectives that meet requirements vs. those that don’t; with an explanation of why
- A one-hour debrief call to present findings and answer your questions
Our CMMC Gap Analysis Package
Your Deliverable Report includes:
- SSP documentation of existing NIST 800-171 and CMMC baseline practices,
- A POA&M for missing practices for both NIST 800-171 and CMMC, with our recommendations to prioritize remediation,
- Assessment score with the details you need for SPRS,
- A one hour debrief call to present deliverables and answer questions
Prices start at $23,900 for a small DIB client seeking CMMC Level 2
- The number of CAGE Codes & SSPs
- Size and complexity of your IT infrastructure
Now that we know where you are in CMMC, we’ll take you where you need to be:
CMMC Level 2 Certified.
Check out our CMMC Gap Assessment video discussion!
Transcript:[Paul] So, we’re going to talk today about Gap Assessments. We get a lot of questions about it. So, I thought it would be good if we talk about that here in this video today.
[Kyle] Okay yeah, it’s an Assessment of where you are today (Continued)
The next step is to Remediate POAM Deficiences and Hire a C3PAO
Help with Remediating Your POA&M Items
KLC Consulting’s DoD cybersecurity experts coordinate with your team to support all areas of NIST 800-171 and CMMC. Let’s improve your CMMC Compliance program!
Free advice and useful resources