Phone No: Top Contact

CMMC Level 1 Controls

CMMC Level 1 Controls

CMMC Level 1 Controls

Domain IA: Identification and Authentication

These security techniques verify that an individual attempting to access your organization’s system through a user account is in fact the authorized user.

Domain MP: Media Protection

These controls secure information stored on digital and non-digital media or devices (e.g., USB drives, hard drives, paper hard copies) through procedures for media use, access, marking, storage, transport, sanitization and downgrading.

Domain PE: Physical Protection

Protecting information systems and data requires the physical security of the facilities that house them from all manner of threats (e.g., theft, natural disaster, accidents).

Domain SC: Systems and Communications Protection

The SC control family includes techniques for securing your organization’s network boundaries and communications (e.g., boundary protection, cryptographic protection, denial-of-service protection).

Domain SI: System and Information Integrity

SI controls protect system and information integrity by identifying and remediating flaws and malicious content through routine actions, such as network and system monitoring, security alerts, and patch application.

No practices required for the following domains at CMMC Level 1

  • Domain AM Asset Management
  • Domain AT Awareness and Training
  • Domain AU Audit and Accountability
  • Domain CA Security Assessment
  • Domain CM Configuration Management
  • Domain IR Incident Response
  • Domain MA Maintenance
  • Domain PS Personnel Security
  • Domain RE Recovery
  • Domain RM Risk Management
  • Domain SA Situational Awareness