4.94 (109)

CMMC Overview Training for Defense Contractors (DIB)

Categories: CMMC, NIST

Play Video

Course Information

Are you overwhelmed by CMMC? This course will save you WEEKS of research and set you up for success as you prepare for CMMC!

This course provides you with the essential knowledge you need to confidently make those critical (and costly) decisions, such as understanding which CMMC level you should pursue, selecting a compliant MSP, or choosing compliant cloud solutions, all of which are crucial for achieving CMMC certification.

Jacob Hill is leading the CMMC charge at a defense contractor and created this course specifically for other contractors so they can quickly get up to speed on CMMC!

Interested in more than 25 licenses? Contact us for bulk discounts.

Who Should Take This Course?

This overview course is for defense contractor personnel who need an in-depth understanding of CMMC.

Do you need to educate the rest of your organization? Check out our CMMC Awareness Training.

This course is also available for sale to government on GSA Advantage.

Why Should You Take This Course?

CMMC certification (or compliance) will be required to win DoD contracts.

Jacob Hill has been leading the CMMC charge at a small business for several years, and he also previously served in the government as a DoD Contracting Officer Representative (COR). His unique background allows him to simplify complicated topics.

The course is taught in a series of online micro-lectures that are delivered in a focused bottom-line-up-front format and provides a comprehensive overview of your FAR and DFARS cyber contractual requirements.

What is CMMC?

Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity compliance and certification program which the United States Department of Defense (DoD) created that is focused on gaining assurance that its supporting contractors are implementing the 110 requirements to protect its controlled unclassified information (CUI). Nearly all DoD contractors will need to be CMMC compliant or certified to be able to do business with the DoD.

CMMC requirements should begin to appear in contracts by the summer of 2025.

What is NIST 800-171?

The majority of CMMC’s requirements are based on NIST 800-171, “Protecting CUI in Nonfederal Systems and Organizations.” Most contractors are ALREADY required to comply with NIST 800-171 per DFARS 252.204-7012, and have been required to comply since December of 2017.

Are you compliant? If not, do you know what steps you need to take?

What Companies need to be CMMC Certified?

Nearly all DoD contractors will be required to comply with CMMC in some manner. CMMC consists of 3 levels, and the requirements vary per level:

  • CMMC Level 1
    • Implement 15 CMMC controls
    • Required for contracts with federal contract information (FCI)
    • Contractor is required to perform a self-assessment – no 3rd-party assessment is required
  • CMMC Level 2
    • Implement 110 CMMC controls
    • Required for contracts with CUI
    • Nearly all contracts will require a 3rd-party assessment by a C3PAO resulting in CMMC certification
  • CMMC Level 3
    • Implement 24 additional CMMC controls
    • Required for DoD’s most critical CUI programs
    • All contracts will require a 3rd-party assessment by DIBCAC resulting in CMMC certification

CMMC is an evolving field, and this course will be updated as changes occur. This course will be completely UPDATED based on the CMMC Program final rule in February 2025!

Enroll Now

Arm yourself with the knowledge you need to successfully navigate the processes of NIST 800-171 and CMMC. Don’t let your business fail because you didn’t achieve compliance or certification.

*This has been created for the DIB by a member of the DIB, and is not affiliated with the DoD, the CyberAB (also known as the CMMC Accreditation Body) or the Cybersecurity Assessor and Instructor Certification Organization (CAICO).

Peer Reviewers

Thank you to the following subject matter experts who peer reviewed this course:

Featured Reviews

Jordan Watson

- 09/19/2024
(5)

Today, I completed the CMMC Overview Training, and it was an amazing experience! The content of this course was likely the most accessible and engaging educational experience I’ve encountered. The lectures were energetic, keeping me fully engaged throughout. Excellent work, GRC Academy!

Although the course content duration was just under four hours, I took additional time (week) to ensure a thorough understanding of the material and to review the resources provided. The course covered CMMC 2.0 Levels 1-3, with a breakdown of each, and so much more!

My favorite sections were the Action Plan and Assessment modules. @Jacob Hill does a great job of ensuring the key concepts are clear while pointing to additional resources for deeper exploration.

This course has truly motivated me to continue learning more about CMMC!

View Credly Badge
Show More

Shauna Weatherly

- 10/18/2023
(5)

This is the course I wish I’d had as a Contracting Officer’s Representative (COR) five years ago while I was working two large critical Government wide contracts with large financial institutions as they went the documentation, asset inventory, assessment, POA&M process, monitoring, and incident reporting.

This course is the PERFECT breakdown of the topic! BRAVO to Jacob Hill and GRC Academy for pulling difficult material together in a methodical, comprehensive, and easy to follow manner. I am sending the link for this course to my former Government counterparts and clients in need of a straight-forward resource with links to source documents.

View Credly Badge
Show More

Tiffany Laitola

- 02/07/2023
(5)

This course was outstanding! The bite-sized pieces of instruction were delicately balanced between the necessary information to cover and the right amount of it to cover. It was not overwhelming and it was easy to follow. The quizzes added value and reinforced each topic in a no nonsense-type of way. What was even better was that I actually enjoyed the course, it somehow was a bit fun to me!

If you have never heard of CMMC or are considering the certification, this is a great foundational course to familiarize yourself with it. Look no further!

Thank you GRC Academy and Jacob Hill. I look forward to exploring future courses.

Update: I just achieved the CMMC Certified Professional (CCP) certification! This course was such a huge help! It gave me a good foundation for starting my actual CCP course. It should be a pre-requisite for all RP and CCP courses, in my opinion.

View Credly Badge
Show More

Kelsey Morris

- 02/01/2023
(5)

The training is nothing short of excellent. As if learning and understanding the requirements of CMMC is not confusing enough, this course will help you cut through the confusion (and varied opinions out there) and get you headed on the right path. It will provide you with the knowledge and resources, as well as a plan, to confidently move your company forward with CMMC.

View Credly Badge
Show More

What Will You Learn

  • What is Federal Contract Information (FCI)
  • What is Controlled Unclassified Information (CUI)
  • The history of NIST 800-171 & CMMC and what it means to you
  • What DFARS 252.204-7012, 7019, 7020, and 7021 mean to you
  • How to comply with NIST 800-171
  • The 110 NIST 800-171 security requirements
  • How to calculate a NIST 800-171 score per the DoD assessment methodology
  • How NIST 800-171 relates to CMMC
  • The 3 levels of CMMC
  • When CMMC will be required
  • What is a Joint Surveillance Voluntary Assessment (JSVA)
  • Which CMMC levels require self-assessment & 3rd-party assessment
  • Roles in the CMMC assessment ecosystem
  • How to scope for CMMC
  • How to prepare for a CMMC assessment
  • How to get CMMC certified
  • CMMC and Managed Service Providers (MSPs)
  • Action plan

Course Content

Introduction00:03:45
  • All Levels
  • 312 Total Enrolled

  • 3 Hours 32 Minutes Duration

  • 49 Lectures

  • 12-Month Access
  • January 10, 2025 Last Updated

A course by

GRC Academy

Taught by

Founder of GRC Academy | CISSP-ISSEP, CCP

Peer Reviewed by

CCP, CMMC PI/PA Candidate, CMMC LTP, CISSP, PMP
CMMC RP, CISSP, CISM, CRISC

Material Includes

  • Spreadsheet with NIST 800-171, NIST 800-171A, and CMMC controls

Audience

  • DoD contractors
  • Defense Industrial Base (DIB)
  • Federal contractors
  • Small Businesses
  • Medium Businesses
  • Large Businesses
  • Government Entities
  • Anyone who wants an in-depth understanding NIST 800-171 and CMMC

4.94-Star Rating | 109 Course Reviews

Course Reviews

Dorin Barboiu

- 01/06/2025
(5)

All Good.

Show More

Shell Vera

- 01/06/2025
(5)

The time and effort Jacob put into this course to ensure the material sinks in
and comes through without being dry is evident. I loved his jokes and humor as
he shared why things were important, shared some of the nuances of the
program, and helped us understand why this program is important and how we can
implement it within our organizations.

I especially liked that each section contained a quiz, so I could test my
knowledge as I moved forward versus waiting until to the end to learn what I
needed to study up on a bit more. I used this course as a preamble to taking
the full CCP course so I could earn my certification and highly recommend it
to anyone who is looking to get a referesher or who is new to CMMC and wants
to understand an overview of the program, how to scope it, and how to find the
appropriate support for your organization if you are going to be working with
DoD contracts at various levels.

Thank you, Jacob, for helping me feel more confident about my understanding of
the CMMC program and feeling better prepared to take the CCP course this
month!

Show More

John Uhl

- 01/05/2025
(4)

Good course – covers a lot of material. Due to the plethora of acronyms for
government organizations/regulations, it could be improved by more closely
coordinating the bullet points onscreen with the vocal instruction. Overall,
very informative !

Show More

Joel Furnari

- 01/04/2025
(5)

A lot of information to ingest as typical with anything government related,
there are a ton of acronyms. Even though I was not a fan of the sub 2 minute
lectures, I understand why they were broken up this way which helped reaffirm
the information presented. I am pretty sure I will be watching some of these
lectures a few more times.

Show More

Hannah Stead

- 01/03/2025
(5)

Very informal

Show More

- 12/23/2024
(5)

I thought it was insightful. A lot of real world examples were given and it
was informative while being very entertaining. I got through it quite quickly.
The quizzes at the end of each section along the path were helpful in
maintaining that knowledge. Thank You GRC Academy!

Show More

Similoluwa Sule

- 12/19/2024
(5)

Awesome course. Would like to see more courses that focuses on interpreting
and implementing the NIST 800-171 security controls.

View Credly Badge
Show More

Colt Sutton

- 12/13/2024
(5)

Thorough and a great course to get an introduction to the CMMC ecosystem.

Show More

ronald Prendergast

- 12/05/2024
(5)

Well put together and easy to follow

View Credly Badge
Show More

Robert Valenza

- 11/27/2024
(5)

Very thorough and informative.

Show More

Susan Nestor

- 11/15/2024
(5)

Helped to better understand the CMMC requirements

Show More

Scott Beer

- 11/01/2024
(5)

This is a great Overview of CMMC. Covers all the associated topics and
provides excellent references.

Show More

Phil Cracknell

- 10/23/2024
(5)

Awesome materials and brilliantly constructed and delivered

Show More

Hiram Diaz

- 10/21/2024
(5)

I like that the sections are short.

View Credly Badge
Show More

Christina Sames

- 10/17/2024
(5)

Helpful explanation of the information

Show More