Welcome to PreVeil’s new video series, 6 Steps to CMMC Compliance. This series will provide defense contractors with a concise overview of the action they need to take in order to get started on CMMC.

Led by PreVeil’s own compliance expert Noël Vestal, the series will help you answer questions such as:

  • What am I required to do today?
  • What’s the 1st step? (it’s not a self-assessment.)
  • How do I save money throughout the process?

Sign up today to make sure you’re alerted each time a new video drops or look at the existing videos below!


Video #1: What is the first step in my compliance journey?

The first step that any defense contractor should take in their compliance journey is determine the level of CMMC their organization needs to meet. This video explains where contractors should look for their CMMC level and what they will need to comply with for each level.

Video #2: How do I control my compliance costs?

The second step that any defense contractor should take in their compliance journey is managing the scope of their compliance environment and limiting where CUI resides. This video explains the factors contractors should consider when determining their scope.

Video #3: How do I protect CUI?

The third step that defense contractors should take in their CMMC compliance journey is protecting their CUI. This is a key requirement of NIST 800-171 and is at the core of CMMC. This video explains the technology and compliance factors contractors need to consider in choosing a platform to protect CUI.

Video #4: Documentation to protect CUI

The fourth step that defense contractors should take in their CMMC compliance journey is creating robust documentation that explains the policies and procedures the organization uses to protect CUI. Documentation includes items such as a System Security Plan (SSP), Plan of Action and Milestones (POAMs), and the Customer Responsibility Matrix (CRM). The video also mentions the value of PreVeil’s templates in simplifying the compliance process.