CMMC Overview Training
About Course
Do you support the United States Department of Defense (DoD)? Have you heard about security requirements from NIST 800-171 or the Cybersecurity Maturity Model Certification (CMMC), but don’t know where to start? Then this online CMMC overview training is for YOU!
The majority of CMMC training is meant for assessors and consultants, but there aren’t many courses for small and medium businesses to help them understand the process.
Jacob Hill has been leading a small business towards NIST 800-171 compliance and ultimately CMMC certification since 2018, and he understands the struggles small and medium businesses (SMBs) face.
This course is up to date with CMMC 2.0! CMMC is an evolving topic, and as new information becomes available, the course will be updated.
What is CMMC?
CMMC is a cybersecurity compliance and certification framework which DoD created to gain assurance that its supporting contractors are implementing the 110 requirements to protect its controlled unclassified information (CUI). Nearly all DoD contractors will need to be CMMC compliant or certified to work for DoD.
CMMC requirements should begin to appear in contracts in May of 2023.
What is NIST 800-171?
The majority of CMMC’s requirements are based on NIST 800-171, “Protecting CUI in Nonfederal Systems and Organizations.” Most contractors are ALREADY required to comply with NIST 800-171 per DFARS 252.204-7012, and have been required to comply since December of 2017.
Are you compliant? If not, do you know what steps you need to take?
What Companies need to be CMMC Certified?
All businesses will be required to implement CMMC. CMMC consists of 3 levels, and the requirements vary per level:
- CMMC Level 1
- Implement 17 CMMC practices
- Required for contracts with federal contract information (FCI)
- Contractor is required to perform a self-assessment – no 3rd-party assessment is required
- CMMC Level 2
- Implement 110 CMMC practices
- Required for contracts with CUI
- Nearly all contracts will require a 3rd-party assessment by a C3PAO resulting in CMMC certification
- CMMC Level 3
- Implement 110+ CMMC practices
- Required for DoD’s most critical CUI programs
- All contracts will require a 3rd-party assessment by DIBCAC resulting in CMMC certification
Who is course this for?
This course provides an overview of NIST 800-171 and CMMC. It is delivered in a bottom-line-up-front format and can benefit leadership and practitioners, however, it is not “in the weeds” of the controls, and how to comply with them.
Enroll Now
Arm yourself with the knowledge you need to know to successfully navigate NIST 800-171’s and CMMC’s processes. Don’t let your business fail because you didn’t achieve compliance or certification.
Peer Reviewers
Thank you to the following subject matter experts who peer reviewed this course:
- Koren Wise | Certified CMMC Professional, CMMC Provisional Instructor, CMMC Provisional Assessor Candidate, CMMC Licensed Training Provider, CISSP, PMP
- Paul Veeneman | CMMC Registered Practitioner, CISSP, CISM, CRISC
Closing Thoughts
* Note that this course is not affiliated with the DoD, the CyberAB (formerly known as the CMMC Accreditation Body), or the Cybersecurity Assessor and Instructor Certification Organization (CAICO).
Course Content
Introduction
-
03:07
Types of Information
NIST 800-171 Overview
NIST 800-171 DFARS Clauses
NIST 800-171 DoD Assessment Methodology
FedRAMP
CMMC Overview
CMMC Scoping Guides
CMMC Assessment Guides
CMMC Ecosystem Roles
Action Plan
Closing Thoughts
Student Ratings & Reviews
Jacob Hill did a great job putting all this information together. The content was engaging, relevant, and understandable. There is even a cameo from a current world leader! If your company has DOD contracts that will soon fall under CMMC then this course is for you. He goes through the entire process and explains the levels, steps, and even the organizations and tools needed to ensure you have no issues becoming CMMC compliant.
Excellent course and instructor! Thank you, Jacob Hill, for guiding me through the world of CMMC and I look forward to taking more of your classes in the future.
The information presented in the curriculum provides a wide base explaining the fundamentals of regulation and policy concerning CMMC and FedRAMP and how they will impact your business in the future.
As a Security, Compliance, and Risk Management project manager and vCISO I am required to have an understanding of multiple risk frameworks. I feel the information provided in the course allows me to speak intelligently to a customer about their CMMC and FedRAMP requirements. While simultaneously preparing me to take higher-level courses that will eventually make me a subject matter expert in this area.
If you or your business are looking to one day provide solutions for the Defense Industrial Base (DIB) this course should be your first stop.
The information presented in the curriculum provides a wide base explaining the fundamentals of regulation and policy concerning CMMC and FedRAMP and how they will impact your business in the future.
As a Security, Compliance, and Risk Management project manager and vCISO I am required to have an understanding of multiple risk frameworks. I feel the information provided in the course allows me to speak intelligently to a customer about their CMMC and FedRAMP requirements. While simultaneously preparing me to take higher-level courses that will eventually make me a subject matter expert in this area.
If you or your business are looking to one day provide solutions for the Defense Industrial Base (DIB) this course should be your first stop.
This course is very informative and really very well done. It describes the CMMC process and terminologies very well. The summaries and the resources Jacob provide are very helpful. He covers the material in short clearly separated sections. I think it is perfect for a company who is seeking help and does not know what to expect and where to start. I highly recommend this course to gain knowledge about the CMMC process and requirements. Great job Jacob!
The GRC Academy and Jacob Hill did a great job with this course. I was familiar with the CMMC requirements prior to attending this course, but did learn a bit more about roles in the ecosystem and the requirements within each of the roles.
The course is structured, easy to understand and follow. It is easy to digest for anyone taking the course. Regardless of your position in an organization, it is a course for someone to learn from and become more knowledgeable than he/she was before. Education, training, and awareness are assets.
#grc, #duediligence, #exportcompliance #knowledgeispower #cybersecurity
The course is structured, easy to understand and follow. It is easy to digest for anyone taking the course. Regardless of your position in an organization, it is a course for someone to learn from and become more knowledgeable than he/she was before. Education, training, and awareness are assets.
#grc, #duediligence, #exportcompliance #knowledgeispower #cybersecurity
This course was amazing! I took the opportunity to learn something outside of my comfort zone. This course is engaging and has a lot of hands-on information that is connect to each model that will help fill in knowledge gaps. I highly recommend this course to anyone interested in expanding their knowledge about CMMC!
I just completed the GRC Academy's CMMC training overview for small to medium businesses. The detail and overview that Jacob Hill put into the course work is extraordinary, and well put together. The information for NIST 800-171 controls and CMMC is broken down so anyone can understand the information. I highly recommend to anyone that may be associated with or potentially coming across CMMC level certification to go through this course. It will give you the knowledge and resources you need to be informed.
Just finished the CMMC Overview Training for Small and Medium Businesses (SMB) created by Jacob Hill (CISSP-ISSEP, CEH, ITIL). Thanks for all of your hard work on this course! An excellent resource to pair with the discord channel (https://discord.gg/cooey).
The website (https://lnkd.in/gTxhF9UP) has a ton of valuable information I refer back to often! Check it out! Thanks again Jacob! Well done!
The website (https://lnkd.in/gTxhF9UP) has a ton of valuable information I refer back to often! Check it out! Thanks again Jacob! Well done!
I recently completed the "CMMC Overview Training for Small and Medium Businesses (SMB)" offered by GRC Academy and curated by Jacob Hill (CISSP-ISSEP, CEH, ITIL). CMMC is a cybersecurity compliance and certification framework created by the DoD to ensure that its supporting contractors implement the 110 requirements to protect its controlled unclassified information (CUI). The course was highly engaging, concise, and informative. I strongly recommend this training to anyone interested in learning about security requirements, NIST 800-171, and the CMMC. Almost all DoD contracts require CMMC compliance, so don't miss out!
This course was a great addendum to GRC training to break items down within the CMMC ecosystem. It has a small bite size procedure so you can avoid getting lost in all the details.
I just completed the CMMC overview course by Jacob Hill (CISSP-ISSEP, CEH, ITIL) at GRC Academy. If you are looking to get up to speed on CMMC, This is the course for you! Thank you! #thankyou #grc #grcacademy
If you are looking to get up to speed on CMMC, look no further.
This was my first foray into CMMC, it was interesting how there was some overlap from my previous experience as a Contracting Officers Representative. Putting together contract documents like a SOW or requirements documentation means a bit more than simply copy-pasta clauses that you might not fully understand. If you are a Contracting Officer, COR about to start work on a new contract, or a business owner looking to bid on DoD contract work, take the time and go through the course.
As a business, you really need to start digging into the CMMC levels and the requirements to obtain each. There are a considerable amount of CMMC requirements to go from level 1 to levels 2 and 3.
The course had me thinking about follow on training from GRC Academy. Jacob's presentation style is in my wheelhouse. Little bits of humor and personal experiences kept me engaged. I love his upbeat presentation style as well. His intros for each video always made me smile.
This was my first foray into CMMC, it was interesting how there was some overlap from my previous experience as a Contracting Officers Representative. Putting together contract documents like a SOW or requirements documentation means a bit more than simply copy-pasta clauses that you might not fully understand. If you are a Contracting Officer, COR about to start work on a new contract, or a business owner looking to bid on DoD contract work, take the time and go through the course.
As a business, you really need to start digging into the CMMC levels and the requirements to obtain each. There are a considerable amount of CMMC requirements to go from level 1 to levels 2 and 3.
The course had me thinking about follow on training from GRC Academy. Jacob's presentation style is in my wheelhouse. Little bits of humor and personal experiences kept me engaged. I love his upbeat presentation style as well. His intros for each video always made me smile.
A thorough, paced and well-presented coverage of the CMMC processes and framework. Jacob intersperses candid comment where appropriate, which will add to your smile lines. I am impressed and thankful that Jacob offers this course to Veterans FoC, and I will definitely be looking to the GRC Academy for subsequent CMMC and GRC training and updates.
Sincere kudos and much appreciation, Jacob.
Sincere kudos and much appreciation, Jacob.
Great course with a great deal amount of information that clarifies the many CMMC subjects and geared towards a wide audience. The course structure is easy to follow, keeps you engaged in learning with many references and examples to assist you. The GRC Academy website also has a Blog and Community section that provides additional information.
I recommend this course for anyone looking to gain a better understanding on CMMC and its implementation.
I recommend this course for anyone looking to gain a better understanding on CMMC and its implementation.
Just completed GRC Academy CMMC Overview. Great course describes all the categories and details from the course description. Highly recommend for organization decision makers who contract or would like to contract with DOD.
This course was outstanding! The bite-sized pieces of instruction were delicately balanced between the necessary information to cover and the right amount of it to cover. It was not overwhelming and it was easy to follow. The quizzes added value and reinforced each topic in a no nonsense-type of way. What was even better was that I actually enjoyed the course, it somehow was a bit fun to me!
If you have never heard of CMMC or are considering the certification, this is a great foundational course to familiarize yourself with it. Look no further!
Thank you GRC Academy and Jacob Hill. I look forward to exploring future courses.
Update: I just achieved the CMMC Certified Professional (CCP) certification! This course was such a huge help! It gave me a good foundation for starting my actual CCP course. It should be a pre-requisite for all RP and CCP courses, in my opinion.
If you have never heard of CMMC or are considering the certification, this is a great foundational course to familiarize yourself with it. Look no further!
Thank you GRC Academy and Jacob Hill. I look forward to exploring future courses.
Update: I just achieved the CMMC Certified Professional (CCP) certification! This course was such a huge help! It gave me a good foundation for starting my actual CCP course. It should be a pre-requisite for all RP and CCP courses, in my opinion.
This course provides the broad overview that is required if you are a company executive, audit professional and aspiring governance, risk and compliance novice investigating what CMMC would look like from a practitioner perspective.
Each module is short enough to provide you the needed information. The quiz at the end of each module re-enforces learning that some constructive learning took place. If I needed a refresher of the CMMC foundations this course with continual updates could provide that needed content.
Each module is short enough to provide you the needed information. The quiz at the end of each module re-enforces learning that some constructive learning took place. If I needed a refresher of the CMMC foundations this course with continual updates could provide that needed content.
The training is nothing short of excellent. As if learning and understanding the requirements of CMMC is not confusing enough, this course will help you cut through the confusion (and varied opinions out there) and get you headed on the right path. It will provide you with the knowledge and resources, as well as a plan, to confidently move your company forward with CMMC.
Just completed "CMMC Overview Training for Small and Medium Businesses (SMB)" offered by GRC Academy. For those who don't know, the Cybersecurity Maturity Model Certification (CMMC) 2.0 is a DoD certification and compliance program that will apply to all DoD contractors – it ensures the government that the Defense Industrial Base is protecting its controlled unclassified information in accordance with security requirements.
Huge ‘Thank You’ to GRC Academy and Jacob Hill (CISSP-ISSEP, CEH, ITIL) for putting together such an informative, engaging and comprehensible course that had the right balance of material, case studies, quizzes and personality!
I highly recommend this training for anyone wanting to learn more about security requirements, NIST 800-171 and the CMMC – nearly all DoD contracts will require CMMC so don’t get left behind!
Huge ‘Thank You’ to GRC Academy and Jacob Hill (CISSP-ISSEP, CEH, ITIL) for putting together such an informative, engaging and comprehensible course that had the right balance of material, case studies, quizzes and personality!
I highly recommend this training for anyone wanting to learn more about security requirements, NIST 800-171 and the CMMC – nearly all DoD contracts will require CMMC so don’t get left behind!
Fantastic course by GRC Academy! The information presented was thorough and well worth a learner's time. Jacob Hill went above and beyond by providing users with extensive links for reference and further research into CMMC.
The structure of the course is solid. The concepts start broad and proceed to be specific in focus as the learner dives deeper into the understanding of CMMC. The course is easy to navigate with accessibility features. I thoroughly enjoyed learning about CMMC from GRC Academy and look forward to additional courses in the future.
The structure of the course is solid. The concepts start broad and proceed to be specific in focus as the learner dives deeper into the understanding of CMMC. The course is easy to navigate with accessibility features. I thoroughly enjoyed learning about CMMC from GRC Academy and look forward to additional courses in the future.
I recently worked for a company that provided CMMC compliance work and had I gone through this course prior, it would have made understanding the details and regulations easier.