Certified CMMC Assessor Training (CCA)

Course 2073

  • Duration: 5 days
  • Language: English
  • Level: Intermediate

This training program equips individuals to become Certified CMMC Assessors (CCA) and prepares them for the Certified CMMC Assessor exam. It focuses on the requirements for evaluating CMMC levels and provides workflow strategies to enhance assessment efficiency.

CCA’s play a vital role in ensuring that Department of Defense (DoD) suppliers and service providers meet the cybersecurity standards set by the Secretary of Defense. The CMMC program establishes a standardized framework for assessing organizations that seek to supply products and services to the DoD, requiring them to demonstrate cybersecurity compliance and competence. The course also addresses proper management of Controlled Unclassified Information (CUI).

Training is delivered through virtual instructor-led sessions and interactive classrooms in real-time, tailored to meet the specific needs of each team. This program also includes employee development training to boost overall team performance, ensuring adherence to the Defense Federal Acquisition Regulation (DFAR) cybersecurity standards.

Certified CMMC Assessor Training Delivery Methods

  • In-Person

  • Online

  • Upskill your whole team by bringing Private Team Training to your facility.

Certified CMMC Assessor Training Information

In this CMMC CCA course, you will:

  • Protect CUI with the CMMC program.
  • Establish the key elements of your responsibilities as a professional CMMC Assessor.
  • Work through an Assessment.
  • Validate the context and scope of a Level 2 CMMC Assessment.
  • Assess the practices in all 14 domains derived from NIST SP 800-171.

Training Prerequisites

To ensure your success in this course and to enable you to sit for the exam:

  • You must have attained your CCP Certification.
  • Complete CCA Application Process and remain in good standing with the CAICO
  • Enroll in and complete CCA course with an Approved Training Provier (ATP)
  • Pass CCA Exam
  • NEW: Obtain Tier 3 Background Investigation Eligibility Determination
  • NEW: Have at least three (3) years of cybersecurity experience
  • NEW: Have at least one (1) year of assessment or audit experience
  • NEW: Possess at least one baseline certification* aligned to the Intermediate (minimum to meet requirements) or Advanced Proficiency Level for Career Pathway Certified Assessor 612 (Security Control Assessor) from DoD Manual 8140.03

Certified CMMC Assessor Training Outline

Topic A: Protect Controlled Unclassified Information
Topic B: Utilize the CMMC Source Documents

Topic A: Identify Assessment Roles and Responsibilities
Topic B: Establish an Assessor Mindset
Topic C: Determine the OSC's Cybersecurity Environment

Topic A: Identify Assessment Flow and Milestone Events
Topic B: Prepare to Work with the OSC
Topic C: Formalize the Plan
Topic D: Assess the Evidence
Topic E: Handle Non-Conformity Issues
Topic F: Finalize the Assessment

Topic A: Define Scope Fundamentals
Topic B: Categorize the Assets
Topic C: Determine the OSC Context
Topic D: Define ESPs
Topic E: Validate the Assessment Scope

Topic A: Evaluate the AC Practices
Topic B: Identify AC Connections and Considerations

Topic A: Evaluate the AT Practices
Topic B: Identify AT Connections and Considerations

Topic A: Evaluate the AU Practices
Topic B: Identify AU Connections and Considerations

Topic A: Evaluate the CA Practices
Topic B: Identify CA Connections and Considerations

H3: 
Topic A: Evaluate the CM Practices
Topic B: Identify CM Connections and Considerations

Topic A: Evaluate the IA Practices
Topic B: Identify IA Connections and Considerations

Topic A: Evaluate the IR Practices
Topic B: Identify IR Connections and Considerations

Topic A: Evaluate the MA Practices
Topic B: Identify MA Connections and Considerations

Topic A: Evaluate the MP Practices
Topic B: Identify MP Connections and Considerations

Topic A: Evaluate the PE Practices
Topic B: Identify PE Connections and Considerations

Topic A: Evaluate the PS Practices
Topic B: Identify PS Connections and Considerations

Topic A: Evaluate the RA Practices
Topic B: Identify RA Connections and Considerations

Topic A: Evaluate the SC Practices
Topic B: Identify SC Connections and Considerations

Topic A: Evaluate the SI Practices
Topic B: Identify SI Connections and Considerations

Appendix A: Evidence Collection Approach for CMMC Practices Levels 1 and 2
Appendix B: Additional Documentation for CCAs
Appendix C: Mapping Course Content to the CCA Exam

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

Certified CMMC Assessor Training FAQs

A Certified CMMC Assessor (CCA) applies a rigorous Assessment Process to ensure the relevant security controls have been effectively implemented and that there is evidence that these controls can be sustained.

The CCA is responsible for identifying the scope of an Assessment, assessing the Cyber-AB CMMC Level 2 practices, and using an established process and workflow to enable efficiencies during an Assessment.

  • Certified CMMC Professionals (CCP) who are interested in becoming a Certified Assessor at Level 1
  • Cyber Professionals looking to provide CMMC guidance
  • OSC’s – Organizations seeking certification
  • Anyone looking to build a foundation of knowledge around the CMMC Level 1 requirements

Vendors or contractors working in any part of the DoD supply chain will be required to obtain CMMC compliance in order to continue working with the DoD.

To ensure your success in this course, you must have the foundational cybersecurity knowledge of a Certified CMMC Professional, which you can obtain by taking the Learning Tree course 2072, Certified Professional CMMC Training (CCP).

Yes, we offer team training solutions that can be tailored to meet the unique needs of your organization, including full-scale program development, expert team coaching, and blended learning models. Our team can deliver the training when, where, and how you want it.

The CMMC program provides a standard model and process for conducting a conformity assessment of Department of Defense (DoD) suppliers and service providers. Organizations wanting to provide products and services to the DoD will be required to demonstrate their cybersecurity competency and compliance under the CMMC program.

Chat With Us