TRA Consulting, Inc.
TRA Consulting, Inc.

ISO 27001:2022 Readiness Assessment

ISO/IEC 27001:2022 · Clauses 4–10 + Annex A · 93 Controls · ISMS Readiness

Required before export
Required before export
Required before export
⏰ OVERDUE
🔄 Delta View Active
✓ Saved
0 controls selected
⚠️ Important: This tool is for internal gap analysis only — not a substitute for a formal CMMC C3PAO assessment. Rev 2 SPRS weights reflect the DoD Assessment Methodology; verify against the current NIST SP 800-171 DoD Assessment Methodology before SPRS submission. Rev 3 controls are based on NIST SP 800-171r3 (finalized May 2024); DoD has not yet adopted Rev 3 for CMMC — Rev 2 applies to all DFARS/CMMC contracts as of 2026. Rev 3 ODP values (marked ODP) must be defined by your organization.
TRA Consulting
TRA Consulting, Inc.
Maximum Business Value, Minimum Downtime · traconsulting.com
ISO 27001:2022 Readiness Assessment Tool v6
Developed by TRA Consulting, Inc. · ©