top of page

Start your free self-assessment.

We assess your maturity 09-08 / 05-20 (personal data / cybersecurity) based on NIST best practices (800-171),

Self-assessment form

By completing this form (5–7 min) based on NIST SP 800-171, you will obtain an indicative maturity score and priority actions.
Controls evaluated: least privilege, MFA, logging, tested backups, incident response, third-party management, awareness.
Deliverables: score, priorities, evidence to be gathered.

1. Governance & Responsibility : Is a security/CMMC lead formally appointed with a clear mandate?
2. Asset Inventory : Do you maintain an up-to-date inventory of systems handling sensitive data?
3. Access Control (Least Privilege) : Is least privilege enforced and reviewed regularly?
4. MFA for Privileged & Remote Access : Is MFA enabled for admin accounts and remote access?
5. Logging & Monitoring : Are access/event logs retained and reviewed on a defined schedule?
6. Patch Management : Are critical patches deployed within a defined SLA?
7. Endpoint Protection : Are all endpoints/servers protected by centrally managed EDR/antivirus?
8. Encryption (At Rest & In Transit) : Are sensitive data encrypted per a written policy?
9. Secure Configuration Baselines : Are hardened baselines (e.g., CIS or equivalent) applied and controlled?
10. Backups & Recovery : Are backups tested (restore) and isolated (e.g., 3-2-1/immutability)?
11. Risk Management : Do you maintain a risk register with treatments and periodic reviews?
12. Incident Response : Is an IR plan documented, tested (table-top), with roles/contacts defined?
13. Security Awareness & Phishing : Do all staff receive annual training and phishing simulations?
14. Third-Party/Supplier Security : Are critical vendors assessed and security requirements contractualized?
15. Evidence and POA&M : Are compliance evidences centralized and a POA&M tracked?

Form submitted successfully. Thank you!

AtlasCyberAman SARL AU au capital de 100.000 DH 19 Rue Ibnou Adil, Res Dar Raji, Etg N°2, Bourgogne, Casablanca, Maroc

© AtlasCyberAman, 2026

Privacy Policy

R.C. Casablanca : 708039 – ICE : 003863637000063

I.F. : 71074692 – T.P. : 35655309

bottom of page