CMMC: Organizational Foundations
Course Description Overview
The Cybersecurity Maturity Model Certification (CMMC), managed by The Cyber AB (formerly known as the CMMC Accreditation Body or the CMMC-AB), is a program through which an organization's cybersecurity program maturity is measured by their initial and ongoing compliance with applicable cybersecurity practices, as well as their integration of corresponding policies and plans into their overall business operations. Once rule-making has concluded and CMMC 2.0 has been implemented, all organizations providing products or services to the United States Department of Defense (DoD) must comply with the requirements of their applicable CMMC Level. This course provides a complete review of the key elements of this important program.
Important: This curriculum product is not considered CMMC-AB Approved Training Material (CATM). Although it contains the same information covered in the CCP training materials, this course is not intended as certification preparation and does not qualify students to sit for the CMMC CP certification exam. Licensed Training Providers (LTPs) who are seeking to purchase official CATM should contact their United States Career Campus account manager, or Client Services at info@uscareercampus.com
In this course, you will learn about the CMMC Model, framework, context, and application within the DoD, as well as the expectations and requirements imposed upon organizations that do business with the DoD.
You will:
- Identify the threats to the Defense Supply Chain and the established regulations and standards for managing the risk.
- Identify the sensitive information that needs to be protected within the Defense Supply Chain and how to manage it.
- Describe how the CMMC Model ensures compliance with federal acquisitions regulations.
- Identify responsibilities of the Certified CMMC Professional, including appropriate ethical behavior.
- Establish the Certification and Assessment scope boundaries for evaluating the systems that protect regulated information.
- Prepare the OSC for an Assessment by evaluating readiness.
- Use the CMMC Assessment Guides to determine and assess the Evidence for practices.
- Implement and evaluate practices required to meet CMMC Level 1.
- Identify the practices required to meet CMMC Level 2.
- Work through the CMMC Assessment process.
- Microsoft® 365® license (which provides the Microsoft Office apps)
- Microsoft® Windows® 10 Professional
- Adobe Acrobat Reader
- If necessary, software for viewing the course slides. (Instructor machine only.)
For this course, you will need one computer for each student and one for the instructor. Each computer will need the following minimum hardware configurations:
- Sufficient processor speed, RAM, and storage space for good system performance when running Windows.
- Mouse, keyboard, and monitor.
- High-speed, stable Internet connection.
- For the instructor's computer, a method to project and/or share the screen as needed for local and remote class participants.
Lesson 1: Managing Risk within the Defense Supply Chain
Topic A: Identify Threats to the Defense Supply Chain
Topic B: Identify Regulatory Responses against Threats
Lesson 2: Handling Sensitive Information
Topic A: Identify Sensitive Information
Topic B: Manage the Sensitive Information
Lesson 3: Ensuring Compliance through CMMC
Topic A: Describe the CMMC Model Architecture
Topic B: Define the CMMC Program and Its Ecosystem
Topic C: Define Self-Assessments
Lesson 4: Performing CCP Responsibilities
Topic A: Identify Responsibilities of the CCP
Topic B: Demonstrate Appropriate Ethics and Behavior
Lesson 5: Scoping Certification and Assessment Boundaries
Topic A: Use the CMMC Assessment Scope Documentation
Topic B: Get Oriented to the OSC Environment
Topic C: Determine How Sensitive Information Moves
Topic D: Identify Systems in Scope
Topic E: Limit Scope
Lesson 6: Preparing the OSC
Topic A: Foster a Mature Cybersecurity Culture
Topic B: Evaluate Readiness
Lesson 7: Determining and Assessing Evidence
Topic A: Determine Evidence
Topic B: Assess the Practices Using the CMMC Assessment Guides
Lesson 8: Implementing and Evaluating Level 1
Topic A: Identify CMMC Level 1 Domains and Practices
Topic B: Perform a CMMC Level 1 Gap Analysis
Topic C: Assess CMMC Level 1 Practices
Lesson 9: Identifying Level 2 Practices
Topic A: Identify CMMC Level 2 Practices
Lesson 10: Working through an Assessment
Topic A: Identify Assessment Roles and Responsibilities
Topic B: Plan and Prepare the Assessment
Topic C: Conduct the Assessment
Topic D: Report the Assessment Results
Topic E: Conduct the CMMC POA&M Close-Out Assessment