CMMC Level 1 Datasheet

What is CMMC Level 1?

CMMC (Cybersecurity Maturity Model Certification) Level 1 is the baseline requirement for DoD contractors and subcontractors that process or store FCI. Unlike higher certification levels, Level 1 does not require formal documentation or advanced process maturity, making it ideal for small to mid-sized businesses new to defense contracting.

Level 1 focuses on:

Access Control – Ensuring only authorized users can access systems
Media Protection – Securing or sanitizing storage devices
System Integrity – Protecting against malware and vulnerabilities
Physical Security – Restricting physical access to sensitive environments

All 17 practices map directly to FAR 52.204-21, the Federal Acquisition Regulation clause on safeguarding covered contractor systems.

What's Inside the CMMC Level 1 Data Sheet?

Our downloadable data sheet includes:

• A full list of the 17 CMMC Level 1 practices

• Requirements mapped to FAR 52.204-21

• Common challenges and how to overcome them

• Next steps to prepare for self-assessment or certification

• Insights from RSI Security’s compliance experts.

How RSI Security Helps You Get CMMC Level 1 Compliant

As a trusted cybersecurity and compliance advisor, RSI Security offers full-service support for CMMC readiness:

• Gap assessments aligned to CMMC Level 1 controls

• Remediation planning for non-compliant areas

• Self-assessment support and compliance reporting

• Guidance toward future Level 2/3 upgrades

Whether you're just getting started or need to validate your current cybersecurity posture, we’ll guide you every step of the way.