SEC-01 // CE.MARK.01

BUILD 2026.05.12

T-173 days to enforcement · Nov 1, 2026

Pass your CMMC Level 2 assessment.
Without losing six months.

Compliance Engine walks small defense contractors through all 110 NIST 800-171 controls, writes your SSP and POA&M as you go, and prepares your SPRS submission. Built for prime contractors and subs with 10–200 people.

Start your assessment See pricing

$999 one-time

Up to 5 teammates

No subscription

SPRS // SUPPLIER PERFORMANCE

● LIVE

Current Score

+82/ 110

+47 since start·Last updated 4 min ago

Met

Partial

Not Met

Open

Built for the DIB · 800-171 R2 aligned · CMMC 2.0

DFARS 252.204-7012NIST SP 800-171 R2DoD SPRSCMMC Level 2FIPS 140-2

How it works

Three weeks, not three quarters.

You answer plain-English questions about how your business operates. We translate your answers into the language assessors need — and produce every artifact the DoD expects to see.

STEP 01

Scope your environment

Tell us about your systems, where CUI lives, and who touches it. We tailor the 110 controls to what's actually in scope.

STEP 02

Answer each control

Plain-English questions, real-world examples, and a guided narrative for every control. Save as you go.

STEP 03

Generate & submit

We produce a clean System Security Plan, a tracked POA&M, and a SPRS-ready summary you can submit confidently.

The dashboard

Always know your SPRS score. Always know what's next.

SPRS Score

+82

of 110 maximum▲ +12 this week

Completion

57%

Complete

63 of 110 answered

By family

Outcomes

Built around the things that actually trip up small contractors.

Plain-English control language

Every requirement explained in the way an office manager or a part-time IT lead can act on. No assessor jargon.

Narrative that survives an audit

Guided prompts produce SSP narrative that's specific, traceable, and consistent — the three things assessors care about.

A real SPRS score, not a guess

Score updates live as you answer. See exactly which controls are pulling it down and what each one is worth.

POA&M that tracks itself

Every Not Met and Partially Met control becomes a tracked remediation item with an owner, target date, and status.

Pricing

One price. The whole assessment.

No tiers, no per-seat pricing, no annual renewal.

The whole thing · One price

$999

One-time, per organization · Up to 5 users

Get started

Payments processed by Stripe

Everything included

All 110 NIST 800-171 Rev 2 controls
Live SPRS score
SSP and POA&M DOCX export
Per-control evidence upload
Up to 5 team members
Email support

FAQ

Is this a substitute for a CMMC Third-Party Assessor (C3PAO)?

No. This product produces the SSP, POA&M, and SPRS score required for self-attestation and to prepare for a C3PAO assessment. We are not a C3PAO.

Is $999 really the whole price?

Yes. One-time payment, no subscription, no per-seat pricing. Includes up to 5 team members and lifetime updates as CMMC 2.0 evolves.

How long does an assessment typically take?

Most small contractors complete their first pass in 3–6 weeks of part-time work. Starting now gives buffer time for remediation before the November 1, 2026 deadline.

Does the SSP I export use the official DoD template?

Yes. We render to the DoD SSP template structure. The export is a Word document you can submit or hand to your assessor.

173 days remain

Score your CMMC posture today.

One workspace. $999 one-time. The full toolkit your assessor will recognize.