Protect the Following Unclassified Information:
- Federal Contract Information (FCI)
- Controlled Unclassified Information (CUI)
- By 2026, all DoD contracts will have the CMMC integrated into its provisions
- Take what the DoD calls a "Defense in Strength" approach to data security
Adopt CMMC best practices to:
- Maximize the cybersecurity resilience of the DoD and DIB
- Increase your chances of winning contracts
- Prepare for potential cyber threats and breaches
- Recovering from a cyber incident without financial penalization
Learning Tree CMMC Certification Program Features
The CMMC Certification Pathway
Authorized training aligned with the Cyber-AB guidelines
- To sit for the CCP exam, you must attend CCP training with an official LTP
- OSCs – Have CCPs on staff to guide your preparations for your eventual CMMC assessment
- Assessors – CMMC CCP is the foundational certification you will need to start your CMMC assessor journey
- LTPs are not allowed to sell exam vouchers, but we can help you get yours
- The CMMC Assessor Course and Exams have not yet been released. Sign up below to be the first to know.
CMMC 2.0 FAQs
Cybersecurity Maturity Model Certification (CMMC) is designed to assess the security posture of Defense Industrial Base (DIB) companies to verify that appropriate practices and procedures are implemented prior to granting defense contracts.
On November 4, 2021, the Department of Defense (DOD) issued sweeping changes to what came to be the first version of CMMC or CMMC 1.0. The primary reason for the change was because the third-party assessment requirement was considered too costly and burdensome for many in the defense industry, especially small to medium-sized enterprises that do not have access to Controlled Unclassified Information (CUI).
The path to certification for CMMC practitioners and assessors has been simplified in the new version of CMMC 2.0. With this new version, Learning Tree began to deliver the certification course/path (2072), in November 2021.
Here are some common questions and answers that will help you understand CMMC and the certification process.
There were five levels of assessment that organizations seeking certification (OSCs) would have to adhere to in CMMC 2.0. This has been reduced to three levels.
- Level 1 – OSCs can self-assess/attest. They will no longer be required to use a third-party assessor organization (C3PAO), however there are many benefits to having a third-party assessment.
- Level 2 – OSCs at this level will need to have a third-party assessor perform the assessment for them. Learning Tree’s Course 2072 trains and certifies assessors needed for this level. There are approximately 80,000 OSCs at this level that need to be assessed.
- Level 3–the DOD’s Defense Contract Management Agency’s Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) will assess level 3.
Learning Tree will be updating the Course 2072 content. Customers who have taken, or will take, 2072 prior to our release of the new content (mid-June) will be provided with “Delta” On Demand modules directly from CMMC.
Although we have not been given precise dates, it seems that we will be able to begin delivering the new content in the mid-June period.
The assessor candidate is first required to earn their CCP (CMMC Certified Practitioner). Training is REQUIRED to earn the CCP, and Course 2072 is the course they need to take. They also MUST take the training from a CMMC LTP (Licensed Training Provider). If they take the training from a company that is not an LTP, they will not be able to sit for the CCP exam.
Once, they earn their CCP, they are then required to take CMMC Certified Assessor (CCA) training (Course 2073). This course will be released in Q4 2022.
Further training isn’t required. However, they still must be certified and they will want to comply, so the more they know about what an assessment is, the better informed they will be.
Learning Tree has authored Course 2074: Self-Assessment of CMMC 2.0 and SP 800-171 Compliance to help organizations that choose to self-assess.
Only CMMC LTPs (Licensed Training Providers).