Skip to the main content.
Try GRC Playbook for free
Try GRC Playbook for free


The Cybersecurity Maturity Model (CMMC) Level 1

This library of Cybersecurity Playbooks provides a set of fully loaded and editable templates that represent the core of what is generally required by management (including process owners), boards of directors and their audit committees, as well as internal and external auditors of relevant organizations, to document, assess, test, report and oversee the design and operating effectiveness of the typical key internal controls on which management is reliant to maintain compliance with Cybersecurity regulatory requirements.

They are drawn from a range of authoritative sources including the National Institute of Standards and Technology (NIST), the Federal Financial Institutions Examination Council (FFIEC), the Department of Defense, the SEC's Office of Compliance Inspections and Examinations (OCIE), and the New York Department of Financial Services (NYDFS).

The Cybersecurity Maturity Model (CMMC) Level 1 Assessment Playbook addresses the following domains:

  • Access Control (AC)
  • Identification and Authentication (IA)
  • Media Protection (MP)
  • Physical Protection (PE)
  • System and Communications Protection (SC)
  • System and Information Integrity (SI)

The CMMC Level 1 Assessment Playbook consists of:

  • 6 CMMC Domains (as above)
  • 17 Practices, and
  • 44 Potential Assessment Considerations

Level 1 of CMMC addresses the protection of Federal Contract Information (FCI) and encompasses the basic safeguarding requirements for FCI specified in Federal Acquisition Regulation (FAR) Clause 52.204-21.

Department of Defense (DoD) contracts that specify the need for a contractor to process, store, or transmit FCI only require the contractor to comply with CMMC Level 1 practices. There is no CMMC process maturity assessed at Level 1.

One Affordable Subscription. 100+ Playbooks.

With one subscription, you'll gain access to all of our Playbooks.


Would you like to find out just how affordable and beneficial a GRC Playbook® subscription can be?

Everything you need, on a platform you already know.


Try GRC Playbook for free