CMMC Level 2

CMMC Level 2 is the middle tier of the Cybersecurity Maturity Model Certification and aligns to all 110 security requirements in NIST SP 800-171, including access control, incident response, system protection, and audit logging.

Level 2 applies to environments handling Controlled Unclassified Information (CUI). Depending on contract requirements, assessment may be performed through self-assessment or third-party assessment by a C3PAO.