The CMMC model measures the implementation of cybersecurity requirements at three levels. Each level consists of a set of CMMC Practices. The CMMC levels and associated sets of practices across domains are cumulative. More specifically, for an organization to achieve a specific CMMC level, it must also demonstrate achievement of the proceeding lower levels. For the case in which an organization does not meet its targeted level, it will be certified at the highest level for which it has achieved all applicable practices.
CMMC Level 1
Achieve CMMC Level 1 compliance, ensuring basic cyber hygiene and protecting sensitive information effectively on ISTN.io.
CMMC Level 2
Attain CMMC Level 2 compliance, establishing a structured approach to safeguard controlled unclassified information (CUI) on ISTN.io.
CMMC Level 3
Secure CMMC Level 3 compliance, demonstrating robust security practices to protect sensitive government data effectively on ISTN.io.