Cyber Assessment and Readiness (CAR)

Our solution will:

  • Provide a comprehensive assessment of your gaps with NIST 800-171 and current CMMC guidance
  • Develop a plan to demonstrate compliance at the lowest possible cost
  • Provide added protection against breaches and malware
  • Train your staff how to practice good cybersecurity
  • Provide evidence for customers and regulators to prove you take cybersecurity seriously


You Get the Complete Solution

  • Annual risk and gap assessment – we find the gaps between your company and NIST 800-171/CMMC, and help you address them.
  • High Value data inventory – High Value datasets that need elevated levels of security controls
  • Third party vendor assessments – review each tier of the supply chain for appropriate security controls
  • Train your users on common cybersecurity mistakes – monthly training videos that are reviewed on demand.
  • Detect suspicious activity – analyze firewall logs for indications of an attack.
  • Secure computing – Review system configurations for alignment with industry best practices.
  • Secure mobile devices – checklists and tests to make sure your smartphones and tablets are configured properly.
  • Incident response tests – quarterly phishing campaigns that will test how your employees will behave if targeted.
  • User security tests – quarterly reviews with users to confirm that your security controls are maintained.
  • Find the vulnerabilities before they are exploited – quarterly scans of your high value systems and of your enterprise.
  • Monitoring for suspicious changes – on-going monitoring of your network and DNS records to identify potential threats.
  • Executive cybersecurity briefings – semi-annual reviews of your security plans and outline current ongoing risks.
    CAR logo

Cost and Purchase Options


  • CMMC Readiness Assessment

This assessment, a series of predefined questions about the current state of their organization’s security controls, will be done through a survey that ITSC will provide. The analysis of the assessment is a spreadsheet highlighting where there are gaps in security controls for CMMC levels 1-3, depending on a predetermined level.

Cost: $1,500 | CMMC Levels 1-3



  • COMPACT Deliverables +
  • Dashboard with findings explained
  • Plan of Action and Milestones (POAM) with remediations
  • Review of current ISPs and SSPs
  • Security Policy Templates

Cost: $5,000 | CMMC Level 1



  • ECONOMY Deliverables +
  • INTERIM RULE Deliverables +

Cost: $7,500 | CMMC Level 1

  • 17 Practices

Cost: $15,000 | CMMC Level 1 & 2

  • 72 Practices

Cost: $25,000 | CMMC Level 1, 2 & 3

  • 130 Practices



  • INTERMEDIATE Deliverables +
  • Virtual Chief Information Security Officer (vCISO)
  • Hands off autonomous option providing the highest level of service

Cost: Call for a customized quote | CMMC Levels 1-3


CAR Package Add-On


  • DoD Interim Rule Assessment
  • Review of current ISP and SSP
  • IT Security Policy Templates

Cost: $3,750


For more information email


Virtual Chief Information Security Officer (vCISO)

ITSC provides adaptive vCISO solutions that fit SMB enterprises.


For more information email


ITSC Virtual Security Operation Center (vSOC)

Flexible Security for Any Architecture


For more information email