1 day


Businesses working with the federal government.

Course Description:

DoD is migrating to the new Cybersecurity Maturity Model Framework (CMMC). This new framework is intended to enhance the cybersecurity posture of the Defense Industrial Base (DIB). The CMMC includes assessment and certification to ensure appropriate levels of cybersecurity practices and processes are in place to protect controlled unclassified information (CUI) residing on DoD industry partner networks.
The DoD end goal is for the CMMC Accreditation to be a requirement for all contractors and subcontractors conducting business with the DoD.
The CMMC curriculum was created by cybersecurity practitioners with advanced expertise in the application of government cybersecurity programs.

Learning Objectives

This class introduces the Cybersecurity Maturity Model Certification (CMMC). Upon completion, participants will be able to:

  • Identify who is impacted
  • Identify specific requirements based on relevant regulations
  • Identify when they must be met
  • Differentiate between CMMC Process and Practice maturity descriptions
  • Explain the rationale for replacing the previous requirements with the CMMC
  • Describe how the CMMC applies fundamental cybersecurity risk management principles
  • Support the assessment with relevant documentation

Course Outline:

  • Regulations & Guidance
  • Rationale for the CMMC and impacts to contractors
  • Basic information security and risk management concepts as they relate to CMMC
  • Relevant NIST Guidance (threaded throughout the training)
  • CMMC Model Framework Overview: Capabilities, cyber hygiene practices, processes & maturity levels
  • Regulatory requirements
  • Resources to define CUI
  • Roles and responsibilities
  • NIST SP 800-171 – 30September 2020 Interim Rule Requirements
  • Path to Accreditation
  • Documentation & Project Planning
  • Resources/Summary

Training Goals

The primary goal of IT Dojo’s CMMC Fundamentals training is to provide foundational CMMC knowledge that will help DoD contractors think through the implications of CMMC.
Those seeking more in-depth practical knowledge of specific requirements and steps should consider attending our 3 day CMMC Readiness Workshop.

Who Should Attend?

This course is designed for DoD contractors who have a business drive to meet CMMC requirements. Participants may have varied experiences with cybersecurity.