Certified CMMC Professional training course enables participants to acquire a comprehensive understanding of the Cybersecurity Maturity Model Certification (CMMC) model and its requirements. It is a gateway for assessors, as it is a prerequisite to achieve the Certified CMMC Assessor credential.

The Cybersecurity Maturity Model Certification (CMMC) framework is a verification mechanism designed to measure the organizations’ maturity regarding the protection of unclassified information such as Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).

CMMC is a new set of cybersecurity standards that encompasses various cybersecurity standards, references, and other best practices. It comprises a number of processes and practices which are mapped across five cumulative certification levels.

The CMMC model is developed and managed by the Department of Defense (DoD) and is considered to be the DoD’s response to potential compromises of sensitive information that resides on Defense Industrial Base (DIB) systems and networks. CMMC Accreditation Body (CyberAB), on the other hand, is the sole authoritative source for the operationalization of CMMC assessments and training.

Why Should You Attend?

By attending the Certified CMMC Professional training course, you will acquire knowledge about the structure of the CMMC 2.0 model including CMMC levels, domains, and practices. In addition, you will develop the ability to understand, differentiate, and explain the relationship between the CMMC and the primary reference documentation such as FAR 52.204-21, DFARS 252.204-7012, and NIST SP 800-171. 

You will be able to (a) identify, describe, and compare the roles and responsibilities of each member of the CMMC ecosystem, (b) identify and mitigate ethical concerns based on CMMC Code of Professional Conduct, (c) identify and analyze the CMMC model source and supplementary documents, (d) understand the implementation of CMMC practices and review of CMMC level 1 practices, (e) explain the CMMC assessment phases and the role of the Certified CMMC Professional in CMMC assessment process, and (f) understand how to define the CMMC high-level scoping.

This training course will allow you to become a valuable asset for CMMC Third-Party Assessment Organizations (C3PAOs), organizations demanding CMMC trained resources, and consultancy agencies.

The successful completion of the training course is followed by an exam. If you pass the exam, you can apply for the “Certified CMMC Professional” credential. 

Who is this CMMC Professional Training Course and Certification for?

This training course is intended for:

• Professionals or managers involved in and concerned with the implementation of CMMC in an organization seeking CMMC certification

• Individuals interested in being part of the CMMC ecosystem as CMMC assessment team members or individuals aiming to become Certified CMMC Assessors

• Cybersecurity and technology consultants

• Federal employees

• Individuals seeking to gain knowledge about the CMMC model and its requirements

• Individuals interested in providing consultancy services for the CMMC preparation

Learning Objectives

Upon successfully completing the training course, participants will be able to:

• Comprehend the relationship between CMMC model, FAR clause 52.204-21, DFARS clause 252.204-7012, NIST SP 800-171, and other regulations and frameworks

• Explain CMMC levels, domains, and practices

• Interpret the requirements of CMMC model in the specific context of an Organization Seeking Certification (OSC)

• Support an organization in effectively planning, implementing, and attaining the required CMMC level

• Interpret the roles and responsibilities across the CMMC ecosystem and the CMMC Code of Professional Conduct

• Explain the CMMC assessment process and CMMC high-level scoping

Educational Approach

This training course is participant centered and:

• Is aligned to the Certified CMMC Professional certification exam objectives blueprint defined by the Cyber AB

• Contains lecture sessions illustrated with graphics and practical examples

• Encourages interaction between participants by means of questions, suggestions, and discussions

• Includes exercises based on a case study and multiple-choice quizzes

Prerequisites

There is no specific prerequisite for participating in this training course, however, it is recommended to have a general knowledge of cybersecurity and information technology concepts and principles.