CMMC requirements
Explore key CMMC compliance requirements and controls. Identify the type and level of assessment you need, and discover how the assessment process works.

What you need to know about CMMC assessment
CMMC encompasses technical, operational, and governance-related cybersecurity practices to strengthen the security of the Department of Defense (DoD) and the Defense Industrial Base (DIB).
To earn CMMC certification, organizations must adhere to the security practices outlined in one of the three CMMC levels—based on the type of data the organization handles and their role within the DoD supply chain. Each level also requires a different assessment type (self-assessment or third-party assessment) and has different requirements for recertification.
Learn about CMMC requirements, certification levels, and the documentation required to earn a certification.
CMMC requirements

Looking to automate up to 50% of the work for CMMC?
What you need to know about CMMC assessment
CMMC encompasses technical, operational, and governance-related cybersecurity practices to strengthen the security of the Department of Defense (DoD) and the Defense Industrial Base (DIB).
To earn CMMC certification, organizations must adhere to the security practices outlined in one of the three CMMC levels—based on the type of data the organization handles and their role within the DoD supply chain. Each level also requires a different assessment type (self-assessment or third-party assessment) and has different requirements for recertification.
Learn about CMMC requirements, certification levels, and the documentation required to earn a certification.
Explore more CMMC articles
Introduction to CMMC
CMMC requirements
CMMC certification process
CMMC levels
Get started with CMMC
Start your CMMC journey with these related resources.

What you need to know about CMMC—from our Director of Government Strategy & Affairs Morgan Kaplan
Vanta’s director of US government strategy and affairs shares how current and future contractors for the DoD can get CMMC certified.

CMMC Checklist
This checklist will guide you through the steps to take to get CMMC certified and how to successfully implement and maintain the certification.

The ultimate guide to NIST 800-171
Jumpstart your NIST 800-171 compliance with Vanta's complete guide to this legally required security standard.