For DoD, DHS & CBP subcontractors

Keep Your Federal Contracts. Get CMMC Level 1 Ready.

CMMC requirements are now appearing in DoD contracts, and primes are pushing them down to every subcontractor. CyberPolicify walks you through the 17 required practices, shows you exactly where you stand, and generates the written policies assessors ask for.

Built for machine shops, manufacturers, engineering and IT services firms with 5-50 people — not for primes with a compliance department.

3-minute check, no signup All 17 Level 1 practices From $49/mo

Why this matters now

  • • The CMMC rule is final — clauses are being added to new DoD solicitations, and primes must flow the requirement down to subcontractors.
  • Level 1 applies to any contractor that handles Federal Contract Information (FCI) — that includes most subs, even without CUI.
  • • Level 1 is an annual self-assessment with an executive affirmation in SPRS — you don't need an expensive third-party assessor, but you do need evidence.
  • • DHS and CBP contractors face the same FAR 52.204-21 basic-safeguarding baseline — the identical 15 requirements behind CMMC Level 1.

From "are we compliant?" to a defensible self-assessment

Three steps, no consultants, no jargon.

STEP 1

See where you stand — free

Take the 3-minute Audit Ready Check. Get a readiness score across the CMMC Level 1 basics and a plain-English list of your gaps.

STEP 2

Run the full guided assessment

Work through every Level 1 practice control-by-control with evidence notes, an AI gap summary, and a remediation tracker — so your annual self-assessment is documented, not guessed.

STEP 3

Generate the policies primes ask for

Access control, physical security, media disposal, malware protection, and more — AI-generated for your business, exported to Word, ready for a prime's supplier questionnaire.

The math for a small contractor

CMMC consultant engagement

$5,000 – $15,000
  • • One-time readiness engagement
  • • Weeks of scheduling and interviews
  • • Policies handed over as static Word files
  • • Repeat spend at every annual self-assessment

CyberPolicify

$49/mo
  • Guided 17-practice self-assessment, repeatable every year
  • AI-generated policies customized to your business
  • Gap analysis, risk register, and remediation tracking
  • 14-day free trial, no credit card

Handling CUI under a Level 2 contract? That requires all 110 NIST SP 800-171 controls — talk to us about where we can help.

Find out where you stand — before your prime asks

Free 3-minute readiness check. No signup, no credit card, no sales call.