If you’re not familiar with the Cybersecurity Maturity Model Certification (CMMC), welcome aboard, and read all about it here.
If you are familiar then you know there is a vast universe of organizations, approximately 350,000, who will need to either self-attest to compliance with the CMMC, or undergo an assessment by a Certified Third-Party Assessor Organization (C3PAO), within the next three years. For those who want to be assessors, or those working inside candidate Organizations Seeking Certification (OSC), the front door to understanding the subject matter is a base-level certification called the Certified CMMC Professional (CCP).
For those tuned in -or deeply participating like we at Monarch ISC- for the last two years, it’s been a challenging process with plenty of stops and starts, and significant changes. We are on version 2.0 of the framework, and there is a process for ensuring the gaps between versions 1 and 2 are addressed for professionals seeking individual certifications as Certified CMMC Assessor (CCA) and/or Instructor (CCI).
Certifications for Provisional Assessor and Provisional Instructor have been active since the summer of 2021 for version 1 of the framework. Since the release of version 2 last fall, the CMMC-AB has announced it will be offering free “Delta Training” to Provisional Instructors, Provisional Assessors, and those recently trained, or about to be trained, in version 1 as CCPs. This training will fill-in the gaps between framework versions. This is great news, because the vast number of OSCs will need certified professionals to assess their organizations, and those professionals will need to be trained! The Delta Training ensures we can keep moving things forward.
Once version 2.0 course content is released by the Licensed Partner Publishers (LPP), the Delta Training will no longer be necessary. That V2 curricula is fairly close to release, as we understand it.
As a point of entry to CMMC and the Defense Industrial Base, (DIB) a CCP certification can serve as a prerequisite to enhance an established cybersecurity career by attaining Certified CMMC Assessor (CCA) or Instructor (CCI) designations. It also has high value to in-house teams to better serve their organizations in preparing for, and passing, their certification assessment.
An in-house CCP will know how to prepare for a CMMC Assessment, and how to ensure the compliance program remains “alive” since each organization will have to re-certify every three years.
Compliance within the CMMC ecosystem aims to establish and/or enhance the cybersecurity posture of businesses across many industries in the DIB. Standardization of information security safeguards is designed to protect Federal Contract Information (FCI), and Controlled Unclassified Information (CUI) throughout a multi-layered supply chain. The CCP certification helps fulfill this need through proliferating comprehension of regulatory requirements throughout the DIB and cybersecurity service provider communities, collectively referred to as the CMMC Ecosystem.
The Certified CMMC Professional (CCP) training program through Monarch ISC (CMMC Registered Practitioner Organization (RPO), Licensed Training Partner (LTP), and C3PAO, leverages years of experience merged with the accredited curriculum authorized through the Cybersecurity Maturity Model Certification Accreditation Body (CMMC AB). This one-week instructor-led live online training will empower students to not only prepare for their CCP exam, to be released soon, but also identify gaps within their organization’s cybersecurity program and begin preparing their OSCs for certification.
John H Rogers, CISSP, CMMC-Provisional Instructor, CMMC-Registered Practitioner, and candidate Provisional Assessor (pending suitability check) has been a technical trainer since 2002, with information and cybersecurity subject matter the focus of training and curricula development. Rogers has conducted hundreds of training sessions, including end-user awareness training, technical training for IT Professionals, leadership and board-level education, and public presentations to a wide audience across the country. Consistently rated excellent in student evaluations, Rogers brings humor, extensive subject matter expertise, and 22 years of field experience as a Senior Cybersecurity Advisor into the classroom to every session.
Read Also: 5 Observations About CMMC 2.0 (monarchisc.com)