Free · 10 questions · ~2 minutes

Where do you actually stand on CMMC Level 2?

Answer 10 quick questions about your environment and get an instant, directional read on your readiness, the same high-weight controls a C3PAO checks first. No account. No card. Nothing to install.

Free · Self-assessment preview · Results on screen instantly

Your result is computed in your browser from your own answers.

Your gap check is ready.

Enter your work email and your results appear on screen immediately, with a copy sent to your inbox you can hand to your team.

We use your address for your gap-check results and follow-up. We never sell it. Unsubscribe in one click.

Estimated SPRS point exposure, from these 10 controls
−0

This is what you reported. The question is whether your environment backs it up.

This check uses your answers, the same way the number you submit to SPRS uses your judgment. In the field, the gap between self-reported and actually configured is usually the whole story. On a typical first measured scan we see the reported score drop once real telemetry is read.

The $799 CMMC Readiness Snapshot measures your live environment against the 110-control NIST 800-171 baseline, cites the evidence file behind every finding (with a SHA-256 hash), and hands you a 30-day remediation list ranked by point recovery, PDF in your inbox in minutes.

Run my measured Snapshot, $799 → See a sample report

Your $799 credits 100% toward month one of any readiness subscription if you continue within 30 days. Every finding is traceable to its evidence, if any one isn’t, we fix the report at no charge.

Want us to follow up?

Leave your email and we’ll reach out with your gap summary and a 30-day remediation starter you can hand to your team. One message, from a human, no drip you can’t leave in one click.

We use your address only to follow up on your gap check and the occasional CMMC readiness note. We never sell it. Unsubscribe in one click.

Methodology & honest limits

This check samples 10 of the highest-weighted controls in NIST SP 800-171 and scores them on the DoD Assessment Methodology point scale (5 / 3 / 1 points). It is a directional self-assessment built from what you reported, not an official SPRS score, not a C3PAO pre-assessment, and not a measurement of your actual systems.

A full assessment covers all 110 controls and 320 assessment objectives, so your real number can only be lower than a check of 10 controls suggests, never higher. "Not sure" is scored as a gap on purpose: in an assessment, a control you can’t evidence is a control you can’t claim.