Cybersecurity Maturity Model Certification (CMMC): Certified Professional

4.375 Days

26.25 CPD hours

This course provides a jump start on learning material that relates to the CMMC program, and to the planned Certified Professional (CP) certification in particular. It discusses the CMMC program, the current CMMC Model, and other CMMC materials as they exist today. The course may be of interest to individuals who wish to pursue the CMMC-CP certification when it is released. It may also be useful to stakeholders in organizations who will be involved in CMMC assessments, and who wish to gain a general understanding of the program and its requirements for their business planning purposes

In this course, you will examine the current CMMC model (Version 1.02), framework, context, and application within the DoD, as well as the expectations and requirements that will be imposed upon organizations that do business with the DoD. It will also help you to identify threats to cybersecurity and privacy within an IoT ecosystem and implement appropriate countermeasures.

You will gain the skills to:

· Identify risks within the defense supply chain and the established standards for managing them.

· Describe how the CMMC model ensures compliance with federal acquisition regulations.

· Identify responsibilities of the CMMC Certified Professional, including appropriate ethics and behavior.

· Identify regulated information and establish the Certification and Assessment scope boundaries for evaluating the systems that protect that regulated information.

· Evaluate OSC readiness and determine the objective evidence you intend to present to the assessor.

· Use the NIST 800-171A and CMMC Assessment Guide to assess objective evidence for processes and practices.

· Implement and evaluate practices required to meet CMMC maturity level 1.

· Implement and evaluate processes and practices required to meet CMMC maturity level 2.

· Implement and evaluate processes and practices required to meet CMMC maturity level 3.

· Identify processes and practices required to meet CMMC maturity levels 4 and 5.

· Work through the logistics of a CMMC assessment, including planning for and conducting the assessment, as well as any follow-up processes, such as remediation and adjudication.

The Cybersecurity Maturity Model Certification (CMMC), managed by the CMMC Accreditation Body (CMMC-AB), is a program through which an organization's cybersecurity program is measured by their initial and ongoing compliance with applicable cybersecurity practices as well as their integration of corresponding policies and plans into their overall business operations. By Fiscal Year 2026, all organizations providing products or services to the United States Department of Defense (DoD) must obtain at least a Maturity Level 1 certification under this program.

Managing Risk within the Defense Supply Chain

• Topic A: Identify Threats to the Defense Supply Chain
• Topic B: Identify Regulatory Responses Against Threats

Ensuring Compliance through CMMC

• Topic A: Identify Limitations of Self-Certification
• Topic B: Identify Benefits of CMMC
• Topic C: Describe the CMMC Model Architecture

Performing the General Responsibilities of a CMMC CP

• Topic A: Identify Responsibilities of the CMMC CP
• Topic B: Demonstrate Appropriate Ethics and Behavior

Identifying and Scoping Regulated Information

• Topic A: Identify Regulated Information
• Topic B: Establish the Certification and Assessment Scope Boundaries

Initiating the Assessment Process

• Topic A: Evaluate Readiness
• Topic B: Determine Objective Evidence

Assessing Objective Evidence

• Topic A: Assess the Practices Using the CMMC Assessment Guides
• Topic B: Assess the Processes Using the CMMC Assessment Guide Level 3

Implementing and Evaluating CMMC Level 1

• TTopic A: Maturity Level 1 Domains and Practices
• Topic B: Determine Scope Boundaries at Maturity Level 1
• Topic C: Perform a Maturity Level 1 Gap Analysis
• Topic D: Perform a Maturity Level 1 Evidence Validation

Implementing and Evaluating CMMC Levels 2 and 3

• Topic A: Process Maturity Requirements for CMMC Levels 2 and 3
• Topic B: Maturity Level 2 Practices
• Topic C: Maturity Level 3 Practices

Identifying CMMC Levels 4 and 5

• Topic A: Maturity Level 4 Processes and Practices
• Topic B: Maturity Level 5 Processes and Practices

Working Through a CMMC Assessment

• Topic A: Define the Assessment Logistics
• Topic B: Resolve Assessment Related Issues
• Appendix A: Additional Documentation the CP Should Study