Information Technology

CMMC: Organizational Foundations v2.2

The Cybersecurity Maturity Model Certification (CMMC), managed by The Cyber AB (formerly known as the CMMC Accreditation Body or the CMMC-AB), is a program through which an organization’s cybersecurity program maturity is measured by their initial and ongoing compliance with applicable cybersecurity practices, as well as their integration of corresponding policies and plans into their overall business operations. Once rule-making has concluded and CMMC 2.0 has been implemented, all organizations providing products or services to the United States Department of Defense (DoD) must comply with the requirements of their applicable CMMC Level. This course provides a complete review of the key elements of this important program.

5 Days 40 Hrs 10 Lessons

Course Objectives

In this course, you will learn about the CMMC Model, framework, context, and application within the DoD, as well as the expectations and requirements imposed upon organizations that do business with the DoD. You will:

Identify the threats to the Defense Supply Chain and the established regulations and standards for managing the risk. Identify the sensitive information that needs to be protected within the Defense Supply Chain and how to manage it. Describe how the CMMC Model ensures compliance with federal acquisitions regulations. Identify responsibilities of the Certified CMMC Professional, including appropriate ethical behavior. Establish the Certification and Assessment scope boundaries for evaluating the systems that protect regulated information. Prepare the OSC for an Assessment by evaluating readiness. Use the CMMC Assessment Guides to determine and assess the Evidence for practices. Implement and evaluate practices required to meet CMMC Level 1. Identify the practices required to meet CMMC Level 2. Work through the CMMC Assessment process.

Agenda

Topic A: Identify Threats to the Defense Supply Chain
Topic B: Identify Regulatory Responses against Threats

Topic A: Identify Sensitive Information
Topic B: Manage the Sensitive Information

Topic A: Describe the CMMC Model Architecture
Topic B: Define the CMMC Program and Its Ecosystem
Topic C: Define Self-Assessments

Topic A: Identify Responsibilities of the CCP
Topic B: Demonstrate Appropriate Ethics and Behavior

Topic A: Use the CMMC Assessment Scope Documentation
Topic B: Get Oriented to the OSC Environment
Topic C: Determine How Sensitive Information Moves
Topic D: Identify Systems in Scope
Topic E: Limit Scope

Topic A: Foster a Mature Cybersecurity Culture
Topic B: Evaluate Readiness

Topic A: Determine Evidence
Topic B: Assess the Practices Using the CMMC Assessment Guides

Topic A: Identify CMMC Level 1 Domains and Practices
Topic B: Perform a CMMC Level 1 Gap Analysis
Topic C: Assess CMMC Level 1 Practices

Topic A: Identify CMMC Level 2 Practices

Topic A: Identify Assessment Roles and Responsibilities
Topic B: Plan and Prepare the Assessment
Topic C: Conduct the Assessment
Topic D: Report the Assessment Results
Topic E: Conduct the CMMC POA&M Close-Out Assessment

FREE

Interested in course?

Buy Course

Course Type: Instructor Led

course

CMMC: Organizational Foundations v2.2

Course Objectives

Agenda

Lesson 1: Lesson 1: Managing Risk within the Defense Supply Chain

Lesson 2: Lesson 2: Handling Sensitive Information

Lesson 3: Lesson 3: Ensuring Compliance through CMMC

Lesson 4: Lesson 4: Performing CCP Responsibilities

Lesson 5: Lesson 5: Scoping Certification and Assessment Boundaries

Lesson 6: Lesson 6: Preparing the OSC

Lesson 7: Lesson 7: Determining and Assessing Evidence

Lesson 8: Lesson 8: Implementing and Evaluating Level 1

Lesson 9: Lesson 9: Identifying Level 2 Practices

Lesson 10: Lesson 10: Working through an Assessment

Tags

FREE