CMMC Organisational Foundations
Book online today or, if you need help choosing the right course or would like to discuss business discounts, call us on 0113 220 7150.
From £2,950 + VAT
Sorry, there are currently no dates available to book. Submit an enquiry to hear from one of our team about when dates might become available.
Overview
The Cybersecurity Maturity Model Certification (CMMC), managed by The Cyber AB (formerly known as the CMMC Accreditation Body or the CMMC-AB), is a program through which an organization's cybersecurity program maturity is measured by their initial and ongoing compliance with applicable cybersecurity practices, as well as their integration of corresponding policies and plans into their overall business operations. Once rule-making has concluded and CMMC 2.0 has been implemented, all organizations providing products or services to the United States Department of Defense (DoD) must comply with the requirements of their applicable CMMC Level. This course provides a complete review of the key elements of this important program.
Important: This curriculum product is not considered CMMC-AB Approved Training Material (CATM). Although it contains the same information covered in the CCP training materials, this course is not intended as certification preparation and does not qualify students to sit for the CMMC CP certification exam.
Prerequisites
No prequisites.
This course provides an immersive learning experience for business and technical professionals who need a thorough understanding of the CMMC program. It does this by taking the point of view of a CMMC Certified Professional. Students might consider taking this course to learn more about the overall CMMC program, how DoD contractors are assessed, and how to help their organizations prepare for a CMMC Assessment.
Delegates will learn how to
In this course, you will learn about the CMMC Model, framework, context, and application within the DoD, as well as the expectations and requirements imposed upon organizations that do business with the DoD.
You will:
- Identify the threats to the Defense Supply Chain and the established regulations and standards for managing the risk.
- Identify the sensitive information that needs to be protected within the Defense Supply Chain and how to manage it.
- Describe how the CMMC Model ensures compliance with federal acquisitions regulations.
- Identify responsibilities of the Certified CMMC Professional, including appropriate ethical behavior.
- Establish the Certification and Assessment scope boundaries for evaluating the systems that protect regulated information.
- Prepare the OSC for an Assessment by evaluating readiness.
- Use the CMMC Assessment Guides to determine and assess the Evidence for practices.
- Implement and evaluate practices required to meet CMMC Level 1.
- Identify the practices required to meet CMMC Level 2.
- Work through the CMMC Assessment process.
Outline
Module 1: Managing Risk within the Defense Supply Chain
- Identify Threats to the Defense Supply Chain
- Identify Regulatory Responses against Threats
Module 2: Handling Sensitive Information
- Identify Sensitive Information
- Manage the Sensitive Information
Module 3: Ensuring Compliance through CMMC
- Describe the CMMC Model Architecture
- Define the CMMC Program and Its Ecosystem
- Define Self-Assessments
Module 4: Performing CCP Responsibilities
- Identify Responsibilities of the CCP
- Demonstrate Appropriate Ethics and Behavior
Module 5: Scoping Certification and Assessment Boundaries
- Use the CMMC Assessment Scope Documentation
- Get Oriented to the OSC Environment
- Determine How Sensitive Information Moves
- Identify Systems in Scope
- Limit Scope
Module 6: Preparing the OSC
- Foster a Mature Cybersecurity Culture
- Evaluate Readiness
Module 7: Determining and Assessing Evidence
- Determine Evidence
- Assess the Practices Using the CMMC Assessment Guides
Module 8: Implementing and Evaluating Level 1
- Identify CMMC Level 1 Domains and Practices
- Perform a CMMC Level 1 Gap Analysis
- Assess CMMC Level 1 Practices
Module 9: Identifying Level 2 Practices
- Identify CMMC Level 2 Practices
Module 10: Working through an Assessment
- Identify Assessment Roles and Responsibilities
- Plan and Prepare the Assessment
- Conduct the Assessment
- Report the Assessment Results
- Conduct the CMMC POA&M Close-Out Assessment
Appendix A: Evidence Collection Approach for CMMC Level 1 Practices
Appendix B: Additional Documentation for CCPs
QA is proud to be an authorised CertNexus partner.
Cyber Security learning paths
Want to boost your career in cyber security? Click on the roles below to see QA's learning pathways, specially designed to give you the skills to succeed.
Governance, Risk & Compliance learning paths
Want to boost your career in Governance, Risk & Compliance? View QA's learning pathway below, specially designed to give you the skills to succeed.
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.