CMMC Advisories

CMMC Phase 1 Begins – Action Required by November 10

🔔 Advisory Summary

Starting November 10, 2025, the Department of Defense will officially begin Phase 1 of CMMC 2.0 implementation. All contractors and subcontractors handling Federal Contract Information (FCI) must complete and submit a Level 1 Self-Assessment to the Supplier Performance Risk System (SPRS).

📋 What You Need to Do

✅ Confirm your organization handles FCI

✅ Complete the 17 basic safeguarding practices outlined in FAR 52.204-21

✅ Document your System Security Plan (SSP) and Plan of Action & Milestones (POA&M)

✅ Submit your self-assessment score to SPRS before the deadline

🧠 Why It Matters

Failure to submit your Level 1 assessment may result in contract delays, disqualification, or increased scrutiny during future awards. This marks the first formal enforcement step in the CMMC rollout — readiness now protects your pipeline later.

📎 Resources Available

- CMMC Readiness Checklist for SMBs

- FCI vs CUI Comparison Guide

- What Level of Certification is required

📞 Call to Action

If you're unsure about your scope, documentation, or SPRS submission, contact the EmTech CyberShield™ Team today. We’ll help you assess, document, and submit with confidence — before the clock runs out.