4.97(68)

CMMC Overview Training for Defense Contractors (DIB)

Categories: CMMC, NIST

Play Video

Course Information

Are you overwhelmed by CMMC? This course will save you WEEKS of research and set you up for success as you prepare for CMMC!

This course has been completely UPDATED based on the December 2023 CMMC Program proposed rule!

Who is this course for?

Most CMMC training is geared towards assessors and consultants, but our CMMC Overview course focuses on defense contractors and others who need an in-depth understanding of CMMC!

For executives and others who are not in the weeds of CMMC, we recommend our CMMC Awareness Training.

The course provides a comprehensive overview of the FAR and DFARS cyber contractual requirements, NIST 800-171, and CMMC!

It is ideal for organizations in the Defense Industrial Base (DIB) who need to comply with CMMC, as well as government personnel who manage DoD contracts and contractors – the course is also available for sale to government on GSA Advantage.

Jacob Hill has been leading a small business towards CMMC certification for several years, and he also previously served as a DoD Contracting Officer Representative (COR)! His unique background allows him to simplify complicated topics.

The course is delivered in a bottom-line-up-front format and can benefit both leadership and practitioners, and even CMMC-focused sales teams. It does not go “into the weeds” of the security controls and strategies to comply with them, but rather focuses on the overall process.

It is also an excellent primer for the CMMC Certified Professional (CCP) certification.

CMMC is an evolving topic, and the course will be updated as new information becomes available.

Enroll Now

What is CMMC?

Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity compliance and certification program which the United States Department of Defense (DoD) created that is focused on gaining assurance that its supporting contractors are implementing the 110 requirements to protect its controlled unclassified information (CUI). Nearly all DoD contractors will need to be CMMC compliant or certified to be able to do business with the DoD.

CMMC requirements should begin to appear in contracts 2025.

What is NIST 800-171?

The majority of CMMC’s requirements are based on NIST 800-171, “Protecting CUI in Nonfederal Systems and Organizations.” Most contractors are ALREADY required to comply with NIST 800-171 per DFARS 252.204-7012, and have been required to comply since December of 2017.

Are you compliant? If not, do you know what steps you need to take?

What Companies need to be CMMC Certified?

Nearly all DoD contractors will be required to comply with CMMC in some manner. CMMC consists of 3 levels, and the requirements vary per level:

  • CMMC Level 1
    • Implement 15 CMMC controls
    • Required for contracts with federal contract information (FCI)
    • Contractor is required to perform a self-assessment – no 3rd-party assessment is required
  • CMMC Level 2
    • Implement 110 CMMC controls
    • Required for contracts with CUI
    • Nearly all contracts will require a 3rd-party assessment by a C3PAO resulting in CMMC certification
  • CMMC Level 3
    • Implement 24 additional CMMC controls
    • Required for DoD’s most critical CUI programs
    • All contracts will require a 3rd-party assessment by DIBCAC resulting in CMMC certification

Enroll Now

Arm yourself with the knowledge you need to know to successfully navigate NIST 800-171’s and CMMC’s processes. Don’t let your business fail because you didn’t achieve compliance or certification.

Peer Reviewers

Thank you to the following subject matter experts who peer reviewed this course:

Closing Thoughts

*  Note that this course is not affiliated with the DoD, the CyberAB (also known as the CMMC Accreditation Body), or the Cybersecurity Assessor and Instructor Certification Organization (CAICO).

Enroll Now

Featured Reviews

Travis Griffith

- 12/01/2023
(5)

Greetings, everyone! This course is an absolute must-have for anyone who is looking to navigate the complex twists and turns of the CMMC and other Government Standards. Jacob is extremely thorough in his presentation, and the fact that he personally provides you with instruction is a major, major benefit. His expertise shines through in every video, and when you take the quizzes at the end of the sections, you’ll be pleasantly surprised at how much new knowledge you’ve retained.

My team considers GRC Academy to be The Definitive Course for anyone seeking CMMC and other Government Requirements training. GRC Academy doesn’t cut corners, and you’ll see that right away. The training moves at a great pace without wasting time, and it repeats information enough for you to retain it with clarity.

It’s an extremely reasonable investment to get you months or years ahead on knowledge that would have otherwise been scattered all over the map. I estimate that Jacob’s course, materials, and quizzes, have saved me over 10 weeks of research and grinding out details.

Show More

Shauna Weatherly

- 10/18/2023
(5)

This is the course I wish I’d had as a Contracting Officer’s Representative (COR) five years ago while I was working two large critical Government wide contracts with large financial institutions as they went the documentation, asset inventory, assessment, POA&M process, monitoring, and incident reporting.

This course is the PERFECT breakdown of the topic! BRAVO to Jacob Hill and GRC Academy for pulling difficult material together in a methodical, comprehensive, and easy to follow manner. I am sending the link for this course to my former Government counterparts and clients in need of a straight-forward resource with links to source documents.

View Credly Badge
Show More

Tiffany Laitola

- 02/07/2023
(5)

This course was outstanding! The bite-sized pieces of instruction were delicately balanced between the necessary information to cover and the right amount of it to cover. It was not overwhelming and it was easy to follow. The quizzes added value and reinforced each topic in a no nonsense-type of way. What was even better was that I actually enjoyed the course, it somehow was a bit fun to me!

If you have never heard of CMMC or are considering the certification, this is a great foundational course to familiarize yourself with it. Look no further!

Thank you GRC Academy and Jacob Hill. I look forward to exploring future courses.

Update: I just achieved the CMMC Certified Professional (CCP) certification! This course was such a huge help! It gave me a good foundation for starting my actual CCP course. It should be a pre-requisite for all RP and CCP courses, in my opinion.

View Credly Badge
Show More

Kelsey Morris

- 02/01/2023
(5)

The training is nothing short of excellent. As if learning and understanding the requirements of CMMC is not confusing enough, this course will help you cut through the confusion (and varied opinions out there) and get you headed on the right path. It will provide you with the knowledge and resources, as well as a plan, to confidently move your company forward with CMMC.

View Credly Badge
Show More

What Will You Learn

  • What is Federal Contract Information (FCI)
  • What is Controlled Unclassified Information (CUI)
  • The history of NIST 800-171 & CMMC and what it means to you
  • What DFARS 252.204-7012, 7019, 7020, and 7021 mean to you
  • How to comply with NIST 800-171
  • The 110 NIST 800-171 security requirements
  • How to calculate a NIST 800-171 score per the DoD assessment methodology
  • How NIST 800-171 relates to CMMC
  • The 3 levels of CMMC
  • When CMMC will be required
  • What is a Joint Surveillance Voluntary Assessment (JSVA)
  • Which CMMC levels require self-assessment & 3rd-party assessment
  • Roles in the CMMC assessment ecosystem
  • How to scope for CMMC
  • How to prepare for a CMMC assessment
  • How to get CMMC certified
  • CMMC and Managed Service Providers (MSPs)
  • Action plan

Course Content

Introduction00:03:45

4.97-Star Rating | 68 Course Reviews

Course Reviews

Jeff Dyer

- 03/26/2024
(5)

As a Microsoft Group Policy and Intune Configuration Profiles SME, I know about CIS Benchmarks compliance but had no knowledge of “NIST” requirements. After a few hours, I now feel fully educated on the overall process (with all the included acronyms) that a 3rd party contractor needs to pursue a level 1, 2 or 3 contract with the government. Thank you!

Show More

Ashley Vazquez

- 03/21/2024
(5)

Excellent course!! I enjoyed being able to pick up a lot of information in pieces. The course was laid out very well and tied together in a great way at the end. The quizzes at the end of each section were very helpful and in line to the main points captured in my notes. The resources alone are a fantastic value and I am excited to use them! I would recommend this course to any cyber security professional.

View Credly Badge
Show More

Angel Godinez

- 03/14/2024
(4)

Great information and start to understanding CMMC.

View Credly Badge
Show More

Sammy Murphy

- 03/12/2024
(5)

I had recently entered a new role and this course helped me get up to speed and have meaningful conversations with my (already very knowledgeable) supervisor! I am very grateful for this resource and would definitely recommend it to others. I also only encountered one technical issue and it was resolved incredibly quickly!

View Credly Badge
Show More

Matt Favreau

- 03/07/2024
(4)

Great course.

Show More

Sean Beech

- 02/13/2024
(5)

Being new to the world of governance, risk, and compliance; this course has helped provide a tremendous help in understanding an overview of CMMC. Jacob has done a fabulous job of providing information and guidance, to help make CMMC easier to digest. Thank you for the outstanding work and continued effort, Jacob!

View Credly Badge
Show More

Gerald Onyekwe

- 02/05/2024
(5)

Thanks to Jacob for putting out this CMMC course. This course addresses the different maturity levels defined by CMMC and provides insights into the specific requirements for each level. I highly recommend this course for anyone that wants to get a comprehensive overview of the CMMC model.

Show More

Sally Tamayo

- 02/04/2024
(5)

Very informational, I just wish it would have given me the right answers to the quizzes once I passed it so that I could learn from it.

View Credly Badge
Show More

Anthony Woolf

- 01/26/2024
(5)

Nicely done. I have coworkers from my team also taking this course. I like that you are receptive to feedback and are updating the course based on the latest information.

Show More

Terri Valentine

- 01/25/2024
(5)

Very insightful course on CMMC. Highly knowledgeable and motivated presenter. The material presented was concise and easy to understand.  

View Credly Badge
Show More
  • All Levels
  • 240 Total Enrolled

  • 3 Hours 32 Minutes Duration

  • 49 Lectures

  • 12-Month Access
  • March 7, 2024 Last Updated

A course by

GRC Academy

Taught by

Founder of GRC Academy | CISSP-ISSEP, CCP

Peer Reviewed by

CCP, CMMC PI/PA Candidate, CMMC LTP, CISSP, PMP
CMMC RP, CISSP, CISM, CRISC

Material Includes

  • Spreadsheet with NIST 800-171, NIST 800-171A, and CMMC controls

Audience

  • DoD contractors
  • Defense Industrial Base (DIB)
  • Federal contractors
  • Small Businesses
  • Medium Businesses
  • Large Businesses
  • Government Entities
  • Anyone who wants an in-depth understanding NIST 800-171 and CMMC