Protect the Following Unclassified Information:
- Federal Contract Information (FCI)
- Controlled Unclassified Information (CUI)
- By 2026, all DoD contracts will have the CMMC integrated into its provisions
- Take what the DoD calls a "Defense in Strength" approach to data security
Adopt CMMC best practices to:
- Maximize the cybersecurity resilience of the DoD and DIB
- Increase your chances of winning contracts
- Prepare for potential cyber threats and breaches
- Recovering from a cyber incident without financial penalization
Learning Tree CMMC Certification Program Features
The CMMC Certification Pathway
Authorized training aligned with the Cyber-AB guidelines
- To sit for the CCP exam, you must attend CCP training with an official LTP
- OSCs – Have CCPs on staff to guide your preparations for your eventual CMMC assessment
- Assessors – CMMC CCP is the foundational certification you will need to start your CMMC assessor journey
- LTPs are not allowed to sell exam vouchers, but we can help you get yours
- The CMMC Assessor Course and Exams have not yet been released. Sign up below to be the first to know.
CMMC 2.0 FAQs
Cybersecurity Maturity Model Certification (CMMC) is designed to assess the security posture of Defense Industrial Base (DIB) companies to verify that appropriate practices and procedures are implemented prior to granting defense contracts.
On November 4, 2021, the Department of Defense (DOD) issued sweeping changes to what came to be the first version of CMMC or CMMC 1.0. The primary reason for the change was because the third-party assessment requirement was considered too costly and burdensome for many in the defense industry, especially small to medium-sized enterprises that do not have access to Controlled Unclassified Information (CUI).
The path to certification for CMMC practitioners and assessors has been simplified in the new version of CMMC 2.0. With this new version, Learning Tree began to deliver the certification course/path (2072), in November 2021.
Here are some common questions and answers that will help you understand CMMC and the certification process.
There were five levels of assessment that organizations seeking certification (OSCs) would have to adhere to in CMMC 2.0. This has been reduced to three levels.
- Level 1 – OSCs can self-assess/attest. They will no longer be required to use a third-party assessor organization (C3PAO). However, there are many benefits to having a third-party assessment.
- Level 2 – OSCs at this level will need to have a third-party assessor perform the assessment for them. Learning Tree’s course 2072, Certified Professional CMMC Training (CCP), trains and certifies assessors needed for this level. There are approximately 80,000 OSCs at this level that need to be assessed.
- Level 3–the DOD’s Defense Contract Management Agency’s Defense Industrial Base Cybersecurity Assessment Center (DIBCAC) will assess level 3.
Learning Tree will be updating the course 2072, Certified Professional CMMC Training (CCP), content. Customers who have taken, or will take, Certified Professional CMMC Training (CCP) prior to our release of the new content (mid-June) will be provided with “Delta” On-Demand modules directly from CMMC.
The first course 2072, Certified Professional CMMC Training (CCP), with the CMMC 2.0 materials runs August 22, 2022.
The assessor candidate is first required to earn their CCP (CMMC Certified Practitioner). Training is REQUIRED to earn the CCP, and course 2072, Certified Professional CMMC Training (CCP), is the course they need to take. They also MUST take the training from a CMMC LTP (Licensed Training Provider). If they take the training from a company that is not an LTP, they will not be able to sit for the CCP exam.
Once they earn their CCP, they are then required to take course 2073, Certified CMMC Assessor Training (CCA). This course will be released in Q4 2022.
The CCP exam will be available in October 2022. The release date for the CCA exam has not yet been announced.
LTPs are not allowed to sell the exam vouchers, so we will cover the cost of the exam with a form of digital payment (gift card).
Further training isn’t required. However, they still must be certified and they will want to comply, so the more they know about what an assessment is, the better informed they will be.
Learning Tree has authored course 2074, CMMC 2.0 and NIST SP 800-171 Compliance Training, to help organizations that choose to self-assess.
Only CMMC LTPs (Licensed Training Providers).
No. CMMC requires an instructor to undergo a rigorous training program to become a certified instructor. Learning Tree instructors will also be qualified as assessors.
No. There are no restrictions in terms of citizenship.
If the individuals are going to take the CCA Certification Exam, the official training course must be used.