KLC Consulting provides CUI Guidance to minimize Controlled Unclassified Information footprint and reduce cost of compliance
Full 1
Save Compliance Costs With Our
CUI Guidance

CUI Guidance – Scoping CUI is Your First Step in CMMC

To have confidence in your NIST 800-171 self-assessment and SPRS submission requires an understanding of the CUI you handle and its scope within your business organization (your CUI footprint). Our CUI Guidance consulting service is designed to ensure your best first step to CMMC compliance.

We help you:

  • Identify Federal Controlled Information (FCI) and Controlled Unclassified Information (CUI) that touch your people, processes, and technology. 
  • Review your strategy for NIST 800-171 / CMMC compliance.
  • Evaluate and improve your existing System Security Plan (SSP) and Plan of Actions and Milestone (POAM)
  • Assess and improve your policies, procedures, and practices
  • Minimize your CUI footprint which equals less compliance effort and lower cost.

NIST 800-171 and CMMC Compliance do not need to be a company-wide undertaking. In fact, DFARS requirements only apply where Controlled Unclassified Information (CUI) touches your people, processes, and technology. KLC Consulting’s CUI Guidance consulting is the first step toward becoming CMMC Compliant. Our approach minimizes your CUI footprint which equals less compliance effort and a lower cost.

“The most critical factor in CMMC Level 2 compliance is discerning the CUI you handle, segregating it, and minimizing its footprint within your business organization.”

– Kyle Lai, CISSP, CISA, and President of KLC Consulting, Inc.

Determine Your CUI Boundary – A Guide for Defense Contractors: NIST 800-171 and CMMC

Call for an Introductory No-Cost Consultation: 617.314.9721  x158

CUI Guidance – How We Work Together

KLC's proprietary CUI data lifecycle approach is the foundation of our CUI Guidance consulting.  It minimizes CMMC compliance cost
  • We conduct Zoom calls to analyze how your business operates.
  • Discern the CUI information you handle.
  • Use our proprietary “CUI Data Lifecycle” methodology to scope your CUI boundary, minimize its footprint, and reduce your CMMC compliance cost.

1 Input & Creation of CUI

Review and document how it’s received and created.

2 Storage of CUI

Evaluate, inspect, and document processes and mechanisms.

3 Use of CUI

Examine who, what, where, why, and how of usage.

4 Share of CUI

How shared with prime contractors, subcontractors and the DoD.

5 Archive of CUI

Analyze methods and processes of archival and encryption.

6 Disposal of CUI

Evaluate contract requirements with
practices and processes.

CUI Guidance Consulting Package

Our CUI Guidance provides the best foundation for your CMMC compliance program.

We utilize the CMMC 2.0 Assessment Guide and provide you with

  • Your CUI boundary diagram
  • Identification of “In Scope” assets such as CUI Assets, Security Protection Assets, Risk Managed Assets and Specialized Assets
  • Recommendations to minimize your CUI footprint

Prices start at $7,900 and vary by your in-scope factors, including the numbers of:

  • Physical locations and cage codes
  • Employees and citizenship
  • Systems, devices, and applications

Now you’re ready for an accurate self-assessment

The Next Steps are SPRS Submission and POAM Remediation

Do You Sell Commercial Off The Shelf (COTS)?

If so, NIST 800-171 and CMMC Level 2 don’t apply. If you believe that’s what you sell to the DoD is COTS, we can help you prove it.

KLC Consulting CMMC YouTube
KLC Consulting CMMC LInkedIn

Check out our YouTube channel and LinkedIn pages for the latest information and education resources for Cybersecurity Maturity Model Certification.

latest CMMC video

Check out our CUI definition and boundary video…

“a video guide for defense contractors”

Lower Your CMMC Compliance Cost With Our CUI Guidance!

We meet you where you’re at and bring you to ‘CMMC Assessment Ready’
with as much or as little help as you need

This field is for validation purposes and should be left unchanged.