CMMC Level 2 Datasheet

CMMC Level 2 is essential for organizations that handle Controlled Unclassified Information (CUI) within the Department of Defense supply chain. It introduces 110 cybersecurity practices based on NIST SP 800-171, designed to strengthen your cyber posture and qualify you for sensitive DoD contracts.

If you're just getting started, check out our CMMC Level 1 Data Sheet for basic FCI protection. For more advanced requirements, view our CMMC Level 3 Data Sheet to see what comes next in your compliance journey.

Download the CMMC Level 2 Data Sheet to see all requirements and learn how RSI Security can guide your path to certification.

What is CMMC Level 2?

CMMC Level 2 builds on Level 1 by requiring a full set of 110 controls focused on protecting CUI. These controls span 14 domains, including access control, risk management, and incident response.

Who needs it?
Contractors and subcontractors working with CUI on moderate-risk DoD projects. Certification is conducted by a C3PAO (Certified Third-Party Assessor).

Key Features:

• All 110 NIST SP 800-171 controls

• Enhanced CUI protection measures

• Third-party assessment required

• Step toward full cyber resilience

What’s in the CMMC Level 2 Data Sheet?

Our downloadable guide includes:

• Full list of Level 2 controls and domains

• Practice IDs and descriptions for easy reference

• Tips to prepare for assessment

• Support options from RSI Security experts