Free tools we created for your CMMC compliance journey.
Select the resource you would like to download.
DoD Self-Assessment SPRS Scoring Sheet
A checklist that you can use to calculate your DoD Self Assessment (SPRS) score.
Assumed Risk Assessment Template
A template for performing an “Assumed Risk” qualitative cybersecurity risk assessment.
Separation of Duties Matrix
A worksheet that your organization can use to plan and demonstrate separation of duties.
CUI & System Inventory Template
A robust template to help you identify your assets and understand how CUI flows into and out of your organization.
CUI Identification Guide Flowchart
An interactive PDF to help you identify Controlled Unclassified Information (CUI) in your environment.
ECA Certificate Procurement Steps
A PDF that explains the steps to procuring a DoD External Certification Authority (ECA) certificate.
CMMC Level 1 Checklist
A checklist that you can use to assess your compliance with the 17 CMMC Level 1 safeguards.
Employee CUI Handling Guide Template
A template for a guide to provide your employees so that they can effectively identify and handle CUI.
FIPS-Validated Cryptography Scoping Template
A template you can use to scope and address FIPS-validated cryptography requirements for CMMC.
Security Configuration Settings (Hardening) Checklist
A checklist you can use to securely configure (“harden”) your IT components.
SSP Introduction & SEPG Template
A template to use to describe your covered system and Security Engineering Process Guide (SEPG).
Acceptable Use Policy (AUP) Template
A template that your organization can use to develop an Acceptable Use Policy (AUP).
CMMC Continuous Monitoring Template
A template that your organization can use to plan its Continuous Monitoring program.
Computer Incident Response Aid Guide
A guide that your employees can refer to in the event of a computer-related incident.
Incident Response Plan (IRP) Template
A template that you can use to document your Incident Response Plan (IRP).
MSP Shared Responsibility Checklist
A checklist containing all NIST 800-171 controls which can conceivably be outsourced to an MSP or MSSP.
Totem's Cybersecurity 101 eBook
An eBook we created to help you learn how to secure Controlled Unclassified Information (CUI).
Totem Top 10™ Infographic
A handy graphic that describes the 10 most important cybersecurity safeguards.
Totem Top 10™ in NIST 800-171 and CMMC
A checklist containing all NIST 800-171 and CMMC controls that apply to the Totem Top 10.