• Online, Self-Paced

Learning Objectives

  • Types of information
    • Federal Contract Information (FCI)
    • Controlled Unclassified Information (CUI)
    • Government's CUI program
  • NIST 800-171
    • NIST 800-171
    • Artifacts such as the system security plan (SSP) and POA&M
  • Contractual Requirements
    • FAR and DFARS
    • DFARS 252.204-7012 - Safeguarding Covered Defense Information and Cyber Incident
    • DFARS 252.204-7019 - Notice of NIST SP 800-171 DoD Assessment Requirements
    • DFARS 252.204-7020 - NIST SP 800-171 DoD Assessment Requirements
    • DFARS 252.204-7021 - CMMC Requirements
  • CMMC
    • CMMC levels 1, 2, and 3
    • CMMC timeline
    • CMMC implications for Managed Services Providers (MSPs)
    • Joint Surveillance Voluntary Assessments (JSVAs)
    • Roles in the CMMC ecosystem such as the Cyber AB, CAICO, C3PAOs, RPOs, and more
    • 5-step action plan

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):