C3 Kit — Globe-America Consulting

⚠

Leave This Page?

You are about to leave the C3 Kit and return to the Globe-America homepage. Any assessment progress you have made will not be saved.

Are you sure you want to proceed?

Proceed to Home →

Know Your Requirement

CMMC Level Determination

6 questions — under 2 minutes — to determine whether you need CMMC Level 1 or Level 2 and exactly what that means for your compliance path.

Why This Matters

Level 1 and Level 2 have completely different requirements, timelines, and costs. Level 1 is a self-assessment of 15 basic controls. Level 2 requires all 110 NIST SP 800-171 controls and, for most contracts starting November 2026, a third-party C3PAO assessment. Getting this wrong wastes time and money.

QUESTION 1 OF 6

Does your organization receive, generate, or handle information the government has designated as Controlled Unclassified Information (CUI) — such as technical specs, designs, export-controlled data, or information marked CUI or CONTROLLED?

QUESTION 2 OF 6

Do any of your DoD contracts include the clause DFARS 252.204-7012 (Safeguarding Covered Defense Information) or reference NIST SP 800-171 compliance requirements?

QUESTION 3 OF 6

Does your organization store, process, or transmit CUI on your own IT systems — including email, file servers, cloud storage, or laptops?

QUESTION 4 OF 6

Are you a subcontractor receiving work from a prime whose prime contract has CMMC Level 2 requirements or handles CUI?

QUESTION 5 OF 6

Have you received an RFP or contract that explicitly requires CMMC Level 2 certification or references a C3PAO assessment?

QUESTION 6 OF 6

What best describes the sensitivity of the information you handle for the DoD?

🎯

Your Results Are Ready

Enter your details to unlock your personalized C3 compliance report including your CMMC score, SPRS estimate, recommended service package, and project timeline.

Personalized CMMC Readiness Score

Estimated SPRS score and gap analysis

Recommended Globe-America service package

Estimated project timeline and investment range

First & Last Name *

Please enter your name.

Work Email *

Please enter a valid email.

Company Name *

Please enter your company name.

Role

Your information is kept confidential and will never be sold. Privacy Policy

1Welcome

2Scorecard

3SPRS

4Estimators

5Results

6Level Check

Globe-America Consulting

The C3 Kit

Your interactive compliance readiness toolkit for defense contractors. Complete all three modules to receive a personalized assessment, project timeline, estimated investment, and recommended service package.

📋

CMMC Scorecard

Self-assess your readiness across key CMMC domains and identify critical gaps.

📊

SPRS Estimator

Estimate your NIST 800-171 score — the number DoD contracting officers actually see.

📈

Timeline & Cost

Get a realistic project timeline and compliance investment estimate based on your gap level.

Who This Is For

Defense ContractorsDoD SubcontractorsCUI HandlersCMMC AspirantsGovCon New EntrantsFederal Contract Holders

Estimated time: 8–12 minutes

Module 2 of 3

SPRS Score Estimator

The Supplier Performance Risk System (SPRS) score reflects your NIST SP 800-171 self-assessment posture. Scores range from −203 to +110.

Access Control

User permissions, least privilege, remote access (22 practices)

Audit & Accountability

Logging, monitoring, audit trail (9 practices)

Configuration Management

Secure baselines and change control (9 practices)

Identification & Authentication

User IDs, passwords, MFA (11 practices)

Incident Response

Detection, reporting, response (3 practices)

Risk Assessment

Risk assessments and POA&M (3 practices)

System & Comms Protection

Encryption, monitoring, boundary (16 practices)

System & Info Integrity

Malware, patching, alerts (7 practices)

Module 3 of 3

Timeline, Investment & Your Package

Based on your scorecard responses, here is an estimated project timeline, compliance investment range, and the Globe-America service package best suited for your organization.

📅 Readiness Assessment Project Timeline

Estimated weeks to reach assessment-ready status based on your current gap level.

Estimated Total Timeline

💰 Compliance Investment Estimator

Estimated investment range for pre-assessment and self-assessment readiness work. Final scope is confirmed in a written proposal.

Estimated Investment Range

Recommended Service Package

Based on your gap level, one package below has been highlighted as the best fit. All packages include a written proposal with confirmed scope before any engagement begins.

* Indicative ranges assume 25–200 endpoints, 1–3 sites, and a standard Microsoft 365 environment. Clients purchase security tools directly.

🛡

Ask Us About Managed Security Support

Managed EDR, SIEM, and 24x7 SOC/MDR services are available as optional add-ons through vetted third-party providers under Globe-America governance. View add-on pricing →

🎁

$2,500 Off — Limited Time Offer

Sign your engagement agreement within 30 days and save $2,500 on any Compliance Foundation or Readiness & Governance package.

This discount applies to new engagements signed within 30 days of completing this assessment. Applied directly to your written proposal with no fine print.

Offer expires in:

Days

Hrs

Min

Sec

Valid for new clients only. Cannot be combined with other offers. Contact eddie.white@globe-america.com to reference this offer.

Your Personalized Assessment

C3 Results Report

Your complete compliance snapshot — score, SPRS posture, recommended next steps, and your direct path forward with Globe-America.

Ready to Close Your Gaps?

Globe-America Consulting provides practical, affordable CMMC readiness support tailored for defense contractors. Schedule your free discovery call and lock in your $2,500 discount before it expires.

Schedule a Free Discovery Call

eddie.white@globe-america.com · globe-america.com