SIRC is CMMC Level 1 and 2 Certified!
It is a major milestone for SIRC (Software Information Resource Corporation) to achieve CMMC Level 1 and Level 2 status. This certification is the “gold standard” for security within the Defense Industrial Base (DIB), signaling to the Department of Defense (DoD) and prime contractors that SIRC is a trusted partner capable of handling sensitive government data.
Here is a breakdown of what these certifications mean for SIRC’s operations and their ability to support the federal mission.
CMMC Level 1: Foundational (Federal Contract Information)
Level 1 focuses on basic cyber hygiene. By achieving this, SIRC has demonstrated compliance with 15 fundamental security requirements outlined in FAR 52.204-21.
- Data Protected: Federal Contract Information (FCI)—data provided by or generated for the government under a contract that is not intended for public release.
- Key Practices: Access control, identification and authentication, and physical protection of assets.
CMMC Level 2: Advanced (Controlled Unclassified Information)
Level 2 is a significant step up, requiring SIRC to mirror the 110 security controls of NIST SP 800-171.
- Data Protected: Controlled Unclassified Information (CUI)—sensitive information that requires safeguarding or dissemination controls (e.g., proprietary research, engineering drawings, or legal documents).
- Key Practices: Incident response, risk assessment, system and communications protection, and continuous monitoring.
| CMMC Unique Identifier(UID) | CMMC Status Type | Assessment Date | Affirmation Expiration Date | CMMC Status Expiration Date | Assessment Scope | Current CAGE Status |
|---|---|---|---|---|---|---|
| S200033713 | CMMC L2 Final Self-Assessment | 12/17/2025 | 12/17/2026 | 12/17/2028 | ENTERPRISE | 1PQ53 |
| S100029811 | CMMC L1 Final Self-Assessment | 11/19/2025 | 11/19/2026 | ENTERPRISE | 1PQ53 |