← Back

Thank you for your response. ✨

Thank you for your submission! One of our Team Members will reach out shortly.

Please complete this intake form to help us understand your organization’s security posture before our consultation.

Does your organization have a Cage code?(required)

Section 1:  Program Foundation & Scope (32 CFR 117 & CMMC)

1. Has the organization conducted and documented a self-inspection via the DCSA handbook? (required)
2. Has the organization assessed and defined the CUI scope within the network?(required)
3. Has the Senior Management Official (SMO) appointed a Facility Security Officer (FSO) in the Security software system NISS, with certifications?(required)
4. Does the organization have a Standard Practice and Procedures policy that is active and approved by the SMO?(required)
5. Does the organization have an FCL (Facility Clearance)?(required)
If Yes or In-Progress, Is the organization a possessing facility? (Houses classified on site)?
6. Does the organization have an active COMSEC program?  (required)
7. Does the organization operate with a VOIP? (Voice Over Internet Protocol)(required)
8. Does the organization have an approved controlled restricted area for classified meetings/discussions?  (required)
If No, Does the organization intend to house classified at the organization’s facility?

Section 2: Personnel & Insider Threat (32 CFR 117)

1. How personnel within the organization require a clearance?

2. Has the Security Management Official (SMO) designated an Insider Threat Program Committee (ITPC)?(required)
3. Are all cleared personnel enrolled and managed in Continuous Vetting (CV)? (required)
4. Are all employees (cleared and non-cleared) trained on CUI & Insider Threat? (required)
5. Has the organization implemented SEAD 3 and SEAD 4 requirements? (required)

Section 3: Cyber Security Controls (NIST 800-171/CMMC)

1.Does the organization have an Incident Response Plan (IRP)?(required)
If Yes, Has the plan been tested and exercised within the last year?
2. Does the organization have a comprehensive System Security Plan (SSP) developed and approved by the SMO?(required)
3. Does the organization have a Plan of Action & Milestones (POAM) actively maintained in the Supplier Performance Risk System (SPRS)?(required)

Section 4: Classified and Material Control (32 CFR 117)

1.Does the organization have internal procedures in place for safeguarding of classified on and off site?(required)
2. Does the organization have cleared consultants?(required)
If Yes, Is the organization maintaining active consultant agreements for access to classified?
3. Does the organization currently have export control material at your principal address? (required)

Thank You for taking the GIG-IS Intake Assessment.

The owner of this website has made a commitment to accessibility and inclusion, please report any problems that you encounter using the contact form on this website. This site uses the WP ADA Compliance Check plugin to enhance accessibility.