SecurityBagel/CMMC-Bagel

⭐ 109 stars | License: GPL-3.0 | Recommendation: HIGH

What it is

Power BI template for CMMC compliance assessment tracking and POA&M management. Uses Excel as data source. Works locally or via SharePoint/Power BI Service.

Key files

• Templates/800-171 Assessment Template.xlsx — fill-in-the-blank assessment spreadsheet
• Templates/POA&M Template.xlsx — POA&M tracking spreadsheet
• Data/Example Assessment.xlsx — complete example assessment
• Data/Example POA&M.xlsx — example POA&M
• *.pbit / *.pbix — Power BI report files
• Includes AWS Managed Rules and Customer Compliance Guides xlsx files

How it could be used

• SPRS score calculation — automatically calculates your SPRS score (required for DoD self-assessments under 32 CFR Part 170)
• POA&M management — track all outstanding findings with remediation status
• Multi-assessment scope — combine scores across facilities, CUI assets, etc.
• Dashboard — visual compliance posture for stakeholders

Caveats

• Requires Microsoft Power BI Desktop (free) or Power BI Service
• GPL-3.0 means modifications must be open-sourced

Notes

This is the most mature open-source CMMC compliance tracking tool available. The Excel templates are directly usable even without Power BI.