Cybersecurity Maturity Model Certification (CMMC) Workshop – March 23rd and 25th, 2026 – 6:00 pm to 9:30 pm ET

Course Title: Cybersecurity Maturity Model Certification (CMMC) Workshop
Course Code: CMMC-WS201
Course Level: Basic
Duration: One Day (7 Hours Total)
Delivery: Virtual – Live via Microsoft Teams
Dates: March 23rd & 25th, 2026 (6:00 PM – 9:30 PM ET each evening)
CPEs: 7
Course Prerequisites: None

Course Overview

Join ISSA-NOVA for an intensive virtual workshop, Cybersecurity Maturity Model Certification (CMMC) Workshop, designed to provide participants with a comprehensive understanding of CMMC requirements and the steps necessary to achieve and sustain certification.

This program introduces the Cybersecurity Maturity Model Certification (CMMC) framework and explains how organizations supporting Department of Defense (DoD) contracts can prepare for certification. Participants will examine how CMMC aligns with NIST-based cybersecurity practices, and how organizations can evaluate their current cybersecurity posture against the framework.

The workshop focuses on practical implementation strategies including CMMC scoping, readiness self-assessments, gap analysis, remediation planning, and documentation preparation. Through guided instruction and practical exercises, participants will learn how to prepare their organizations for CMMC assessments and maintain ongoing compliance.

Participants will also gain insight into identifying Controlled Unclassified Information (CUI) and Federal Contract Information (FCI), defining the appropriate boundaries for CMMC scope, preparing key documentation such as System Security Plans (SSPs), and capturing evidence necessary to support certification.

This workshop awards 7 Continuing Professional Education (CPE) credits upon completion.

Course Format

A structured, live virtual learning experience combining:

Instructor-led lectures
Facilitated discussion
Structured working sessions
Practical exercises focused on CMMC readiness

The format emphasizes high-density content delivery, defensibility-focused implementation strategies, and practical compliance preparation.

Course Materials Include

Participants will receive:

A comprehensive slide deck aligned to CMMC 2.0 requirements
Case studies and structured scenario exercises
Quizzes for reinforcement learning
Online reference resources

Learning Objectives

By the end of this course, participants will be able to:

Explain the purpose and history of the Cybersecurity Maturity Model Certification (CMMC).
Compare key differences between CMMC 1.0 and CMMC 2.0.
Describe the 14 CMMC domains and their relationship to NIST security controls.
Provide examples of practices and processes required across maturity levels.
Differentiate between Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).
Determine organizational and system boundaries when defining CMMC scope.
Conduct a CMMC readiness self-assessment to evaluate compliance.
Identify and prioritize gaps through a structured gap analysis.
Develop a Plan of Action & Milestones (POA&M) to address deficiencies.
Implement strategies to remediate missing or incomplete security controls.
Prepare key artifacts such as policies, procedures, and System Security Plans (SSPs).
Capture and maintain evidence to support CMMC certification.
Explain the role of a Certified Third-Party Assessment Organization (C3PAO).
Prepare effectively for an official CMMC assessment.
Maintain cybersecurity maturity through continuous monitoring and incident response.
Leverage sustained CMMC compliance as a competitive advantage in DoD contracting.

Table of Contents

Module 0 – Introduction and Course Overview

Course structure and objectives
Overview of CMMC certification requirements
Workshop expectations and learning approach

Module 1 – Introduction to CMMC

Purpose and history of the CMMC program
Evolution from CMMC 1.0 to CMMC 2.0
Relationship to Department of Defense cybersecurity requirements

Module 2 – Understanding CMMC Domains and Practices

Overview of the 14 CMMC domains
Practices and processes across maturity levels
Relationship between CMMC practices and NIST controls

Module 3 – Scoping and Determining Applicability

Identifying CUI and FCI
Defining organizational and system boundaries
Determining which systems fall within CMMC scope

Module 4 – Self-Assessment and Gap Analysis

Conducting a readiness self-assessment
Evaluating current cybersecurity posture
Identifying and prioritizing compliance gaps

Module 5 – Developing and Implementing Remediation Plans

Creating Plans of Action & Milestones (POA&Ms)
Prioritizing remediation activities
Addressing missing or incomplete security practices

Module 6 – Documentation and Evidence Preparation

Developing System Security Plans (SSPs)
Preparing policies, procedures, and compliance artifacts
Capturing and maintaining assessment evidence

Module 7 – Working with Assessors and the Certification Process

Understanding the role of Certified Third-Party Assessment Organizations (C3PAOs)
Preparing for formal assessments
Managing assessment interviews and evidence reviews

Module 8 – Sustaining Compliance and Continuous Improvement

Continuous monitoring strategies
Maintaining cybersecurity maturity
Using CMMC compliance to support DoD contracting opportunities

Who Should Attend

This workshop is ideal for:

Cybersecurity professionals supporting defense contractors
Information System Security Officers (ISSOs)
Information System Security Managers (ISSMs)
Governance, Risk, and Compliance (GRC) professionals
Security engineers and architects working with DoD systems
Program managers supporting defense contracts
IT and cybersecurity staff responsible for CMMC readiness

Pricing

ISSA-NOVA Members: Free

Members of Other ISSA Chapters: $50

Non-Members: $150

Each participant earns 7 CPEs and receives a certificate of completion based on attendance.

Registration

Registration closes prior to the event date.

REGISTER: ISSA-NOVA Members Link:
https://docs.google.com/forms/d/e/1FAIpQLSdr8IUeA4U9KbL4JlNskrmIU4KYVqoa0qWR0ly-B20NshaUlA/viewform?usp=header

REGISTER: Members of Other ISSA Chapters Link:
https://square.link/u/vRP5LPVk

REGISTER: Non-Members Link:
https://square.link/u/HMHSCOv3

REGISTER: Non-Members Link: https://square.link/u/M4iEmrld

Comments from Prior CMMC Workshop Attendees

“Excellent class. I learned a lot. Jim is the best instructor I have ever had. Thank you so much Jim.”

“Great Class!”

“Great Presentation enjoy the class interaction.”

“The course was very informative and the instructor made the session engaging.”

“Course was effective and clear. Understand more about CMMC than I did before.”

“Jim’s class was highly engaging and informative”

“Very great course.”

“Great presentation/course!”

“Well established and well presented.”

“Excellent class and materials!”

“Excellent overview of CMMC.”

Instructor

Jim Wiggins
AAISM, AAIA, AIGP, CISM, CISA, CRISC, CISSP, ISSEP, CGRC (CAP), SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, FITSP-M, CGEIT, MCITP, MCSE (Security), MCSE (Messaging), MCSA, MCDST, Server+, Network+, A+, CDPSE, CIPP/US, PMP, ICE-CCP, DACUM Facilitator

Jim Wiggins is a cybersecurity and IT governance expert with over 29 years of industry experience, including 24 years dedicated to information security.

He is the Founder and CEO of Securible, LLC and the Founder and CEO of the Federal IT Security Institute (FITSI), an ANSI National Accreditation Board (ANAB) accredited ISO 17024 certification body supporting the federal cybersecurity workforce.

Jim has trained more than 20,000 cybersecurity professionals and has delivered training for organizations including the Department of the Interior University, DISA, CISA’s National Risk Management Center, and major professional associations. He is a Federal 100 Award recipient and FISSEA Educator of the Year.

Related Posts