CMMC Command

Compliance Documents

DOD-format SSP and POA&M — generated from your control data

Starter+

System Security Plan

7-section DOD format · NIST SP 800-171 · Rev 2

Company: Focused Defense LLC

CAGE Code: 7K4M2

Classification: CUI

Compliance Score: 70%

Document Sections

1. System Identification
2. System Owner & Points of Contact
3. System Description & Purpose
4. CUI Categories & Boundary Definition
5. Security Requirements Implementation (In Progress)
6. Roles & Responsibilities
7. Approval & Signature Block (Pending)

Section 5: Security Requirements Implementation

3.1.1 — Limit system access to authorized users, processes acting on behalf of authorized users, and devices (including other systems). [IMPLEMENTED]

Implementation Statement: Access to organizational systems is controlled through Microsoft Entra ID with role-based access control policies. All user accounts require manager approval and are subject to quarterly access reviews conducted by the ISSO…

3.5.3 — Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts. [NOT IMPLEMENTED]

Implementation Statement: MFA enforcement is pending for 23 administrative accounts. Remediation in progress per POA&M item POA-001. Target completion: 30 days…

Plan of Action & Milestones

SPRS-weighted · 30/60/90-day milestones · Score impact analysis

ID       Control  Title                             Priority  Target   SPRS
POA-001  3.1.2    Transaction and Function Control  Critical  30 days  +5
POA-002  3.4.8    Application Execution Policy      Critical  30 days  +5
POA-003  3.8.7    Removable Media                   Critical  30 days  +5
POA-004  3.14.3   Security Alerts                   Critical  30 days  +5
POA-005  3.1.5    Least Privilege                   High      60 days  +3

+7 more items in the generated document

Open Items: 12

Critical: 4

SPRS Gain: +30

Executive One-Pager

CISO-Ready Leadership Briefing · Professional+


SPRS Score: +10

Compliance: 70%

Open Gaps: 12

Top Gap: 3.1.2

Priority Items: 4 Critical

AI Summary: Included

What C3PAO Assessors Expect

System Security Plan

  • Per-control implementation statements explaining HOW each requirement is met
  • System boundary and CUI flow documentation
  • Named roles with actual personnel assigned

Plan of Action & Milestones

  • Every gap documented with specific remediation steps
  • Realistic target dates with milestones
  • Resource allocation and responsible parties

Supporting Evidence

  • Approved policies covering all 14 control families
  • Screenshots, configs, and audit logs as evidence
  • SPRS score submitted to the DOD portal