This field is for validation purposes and should be left unchanged.
Press Enter
1. Do you currently do business with the U.S. Department of War (DoW), or do you expect to in the future? If so, are you contractually required to comply with DFARS 252.204-7012?(Required)
Doing business with the DoW is the primary trigger for CMMC requirements and determines whether compliance is mandatory for current or future contracts. DFARS 252.204-7012 contractually requires implementation of NIST SP 800-171 and is a key factor in determining the need for CMMC Level 2 compliance.
Press Enter
2. Do you receive, store, or process Federal Contract Information (FCI)?(Required)
Handling FCI establishes a minimum requirement for safeguarding practices and may trigger CMMC Level 1 obligations. FCI is information provided by or generated for the government under a contract that is not intended for public release.
Press Enter
3. Do you receive, store, or process Controlled Unclassified Information (CUI)?(Required)
Handling CUI significantly increases security requirements and typically places the organization under CMMC Level 2.
Press Enter
4. Have you identified where FCI and/or CUI exists in your organization and which systems store, process, or transmit it?(Required)
If FCI and CUI are not fully identified and scoped, the CMMC boundary cannot be accurately defined or assessed.
Press Enter
5. Do you have a System Security Plan (SSP) that documents your environment, CUI boundaries, and how security requirements are met?(Required)
The SSP is the primary artifact assessors use to understand your environment, CUI boundary, and how security requirements are met.
Press Enter
6. Do you maintain an up-to-date inventory of IT assets (hardware, software, and cloud services) that store or process FCI or CUI?(Required)
You can’t secure what you don’t know you have — inventory is fundamental for applying security controls and tracking CUI and FCI locations.
Press Enter
7. What type of system architecture is used to handle DoW-related information within your organization?(Required)
The system architecture (corporate, enclave, cloud, or hybrid) directly impacts scoping, control implementation, and assessment complexity.

Press Enter
8. Have you completed a NIST SP 800-171 self-assessment and, if required, submitted your score to the Supplier Performance Risk System (SPRS)?(Required)
A completed and submitted self-assessment is a contractual requirement and a baseline indicator of CMMC readiness.
Press Enter
9. For your known security gaps, do you maintain a Plan of Action and Milestones (POA&M) to track remediation?(Required)
A POA&M demonstrates formal risk management and is required to track remediation of controls not yet fully implemented.
Press Enter
10. What is your company size?(Required)
Company size matters because it directly affects CMMC scoping, system architecture, staffing models, documentation expectations, and the most practical path to achieving and sustaining compliance.
Press Enter
Press Enter
12. What is your name?(Required)
Press Enter
Press Enter
Press Enter
Press Enter
16. Can Frazier & Deeter follow up with you regarding your answers and comments from this CMMC assessment?(Required)
Press Enter
17. Would you also like to receive our newsletter?
Press Enter
This field is hidden when viewing the form
Press Enter
This field is hidden when viewing the form
Press Enter
This field is hidden when viewing the form
Press Enter
This field is hidden when viewing the form
Press Enter
This field is hidden when viewing the form
Press Enter
This field is hidden when viewing the form
Press Enter
Press Enter
0% Completed!
Manage your privacy

To provide the best experiences, we and our partners use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us and our partners to process personal data such as browsing behavior or unique IDs on this site and show (non-) personalized ads. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Click below to consent to the above or make granular choices. Your choices will be applied to this site only. You can change your settings at any time, including withdrawing your consent, by using the toggles on the Cookie Policy, or by clicking on the manage consent button at the bottom of the screen.

Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Statistics

Marketing

Features
Always active

Always active
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
Manage options
  • {title}
  • {title}
  • {title}
Manage your privacy
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Statistics

Marketing

Features
Always active

Always active
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
Manage options
  • {title}
  • {title}
  • {title}