CYBER RISK ASSESSMENT
Streamlined Four Phase Process
PHASE 0
Thirty Minute Complementary Discovery Call
Time: 30 Minutes
Deliverable: Initial Scoping Plan of Action
PHASE 1
Initial Scoping
Time: Up to ten hours
Deliverable: Scope Diagram and CMMC / NIST 800-171 Implementation ROM
PHASE 2
Assessment
Time: Hours determined by the ROM.
Average Time: 20-70 hours
Deliverable: Remediation Matrix
CyberDI approximately allocates 40 hours for documentation reviews and discussions with staff. We generally want another 20-30 hours for review of an enclave. Hours will vary on size and scope (i.e. small enclave vs whole business network with several cloud services)
PHASE 3
Optional : Remediation
Hours determined by the Phase 2 assessment remediation matrix.
Time: Based on an itemized list of findings with estimated hours for implementation.
Deliverables: NIST-800-171 / CMMC Compliance
PHASE 4
Optional: Sustainment Training
Access to CyberDI training material on an annual basis
​
CYBER RISK ASSESSMENT
Streamlined Four Phase Process
