Free · No signup · 3 minutes

Audit Ready Check

15 plain-English questions covering the basic safeguards auditors, customers, and federal prime contractors ask about — including all of CMMC Level 1. See exactly where your business stands.

0 of 15 answered0%
1. Access ControlCMMC L1

Does every employee have their own login (no shared accounts), and is access removed promptly when someone leaves?

2. Access ControlCMMC L1

Are employees limited to only the systems and data they actually need for their job?

3. AuthenticationCMMC L1

Do you use multi-factor authentication (MFA) on email and critical business systems?

4. AuthenticationCMMC L1

Do you keep track of the users and devices that are allowed to connect to your systems?

5. External ConnectionsCMMC L1

Do you control and review connections to external systems (vendor tools, cloud services, remote access)?

6. Public ContentCMMC L1

Is content reviewed before it’s posted publicly (website, social media) so sensitive or contract information is never published?

7. Physical SecurityCMMC L1

Is physical access to your office and equipment limited, and do you know who holds keys or badges?

8. Physical SecurityCMMC L1

Are visitors escorted and logged when entering areas with computers or business data?

9. Network SecurityCMMC L1

Do you have a firewall protecting the boundary between your internal network and the internet?

10. Network SecurityCMMC L1

Are public-facing systems (like your website) separated from your internal business network?

11. Malware ProtectionCMMC L1

Is anti-malware installed on all computers, updating automatically, and running regular scans?

12. PatchingCMMC L1

Are security updates and patches applied to computers and software promptly (within about 30 days)?

13. Media DisposalCMMC L1

Are old computers, drives, and USB devices securely wiped or destroyed before disposal or reuse?

14. Backups

Do you back up important business data and periodically test that you can restore it?

15. Policies

Do you have written security policies (acceptable use, access control, incident response) that your team has read?

Answer all 15 questions to see your score.