Against the backdrop of escalating geopolitical and international tensions, global information security risk is rising steadily and the demand for information security is becoming ever more pressing. In this situation, the United States released the Cybersecurity Maturity Model Certification (CMMC) in 2019 to strengthen the cybersecurity of the defense supply chain and incorporated the standard into its supplier evaluation process. The policy affects not only U.S. companies but also global enterprises that set up operations in the United States. Facing the increasingly tense international situation, the Taiwanese government plans to introduce CMMC certification to strengthen the information security of its defense supply chain. At present, ISO 27001 is the main information security management standard widely adopted in Taiwan and provides many enterprises with a complete information security framework. How to prepare in advance for adopting CMMC within the ISO 27001 framework has therefore become an issue that Taiwanese enterprises need to take seriously. Through a literature review, this study maps the control measures of CMMC to those of ISO 27001, together with the check items recommended in the official CMMC documentation, and supplements the mapping with expert interviews that collect experts' opinions on the mapping results in order to understand the current views of Taiwan's industry on adopting the CMMC standard. A self-assessment checklist was drafted from the interview results and the relevant literature. After the preliminary checklist was drafted, a second round of expert interviews was conducted to verify whether the checklist can serve as a tool for improving Taiwanese enterprises' readiness for CMMC compliance, and to collect experts' suggestions for subsequent revision of the checklist as a reference for constructing future CMMC self-assessment checklists. The results provide a cross-reference between the two standards for practical assessment and a self-assessment checklist of key check items, and offer recommendations for subsequent research on building CMMC self-assessment checklists and on the steps of the CMMC assessment process.
In the context of heightened geopolitical and international tensions, global information security risks are increasing, making stronger security measures an urgent need. In 2019, the United States introduced the Cybersecurity Maturity Model Certification (CMMC) to bolster cybersecurity within the defense supply chain and integrated this standard into its supplier evaluation process, significantly affecting both American businesses and global businesses operating in the U.S. As international tensions continue to escalate, the Taiwanese government plans to adopt CMMC certification to strengthen the information security of its defense supply chain. Currently, ISO 27001 serves as the primary standard for information security management in Taiwan, providing a comprehensive security framework for numerous businesses. Thus, effectively integrating CMMC within the ISO 27001 framework is a crucial issue for Taiwanese enterprises. This study aims to align CMMC with ISO 27001 by reviewing the literature on related control measures and selecting the check items recommended in official CMMC documentation, complemented by expert interviews to validate this alignment and suggest improvements to it. The interviews and literature review help to clarify the Taiwanese industry's perspective on adopting the CMMC standard. A self-assessment checklist is drafted from the interview outcomes and the literature synthesis to ensure closer alignment with CMMC requirements. A second round of expert interviews will assess whether this checklist can serve as a tool to enhance Taiwanese enterprises' readiness for CMMC certification and will propose any necessary modifications. The results offer a practical cross-reference between the two standards and a self-assessment checklist for evaluating key check items, supporting the development and implementation of future CMMC self-assessments.