The CMMC-AB will certify trainers to educate and train the substantial number of professional assessors required ensure that the CMMC standard is applied in a clear and consistent manner.
The current plan is:
  1. In addition to the model and appendices released by the DoD on 31 January 2020, an Assessment Guide is expected from the DoD, which will be a comprehensive, document walking the reader through each of the CMMC described processes and practices.
  2. The CMMC-AB will build the CMMC standard which defines the thresholds of evidence used to validate each control.
  3. The CMMC-AB will release training guidance so that relevant organizations can build a training curriculum.
  4. Build the examinations for prospective assessors to pass in order for the CMMC-AB to qualify them for certification.  
  5. Provide accreditation for CMMC assessor training in universities, continuing education, and companies across the country.
  6. Begin accredited training!


  1. When mentioning CMMC, always place the word DRAFT in front of it, so as not to mislead readers that the standard is complete and released.
  2. Share valid information about the CMMC standard acquired from this site or the Official DoD site located at https://www.acq.osd.mil/cmmc/index.html.
  3. Prepare your clients for CMMC by training and educating them for DFARS regulations and NIST 800-171 guidance.  It is the law and there is an increasing number of audits being performed right now, in 2020.
  4. Become an expert on CMMC by reading the standard, assessment guidance, and training materials that will be published on https://www.acq.osd.mil/cmmc/index.html.  These materials ARE NOT YET AVAILABLE as the standard is not complete and released.  Familiarize now.  Actively prep later.


  1. Do not state that you are an expert on CMMC.  You are not.  The standard was released on 31 January 2020.  No trainer nor educator is currently accredited.  No certified training exists... yet.
  2. Currently, DFARS regulation requires self-assessments under NIST 800-171 guidance.  Do not focus training on future requirements (CMMC) at the expense of current requirements.
  3. Do not charge clients for workshops, seminars, and training that guarantee CMMC compliance.  The CMMC-AB will certify organizations to provide accredited training and provide examinations so that prospective assessors may prove their qualifications.
  4. Do not sell or promote tools that promise CMMC compliance with certainty.  The CMMC-AB will create standards for tool producers to use.  For now, ensure that any tools promoted focus first on completed and released standards, or best practices.
What we don't know...   

We don't know when you will be able to register to become an official trainer or an organization that is certified to provide training.  Think late Q1 or Q2 2020,  but there is much work to complete before that training and certification process will be available.

We do not yet know know the rules for what it takes to be a certified trainer in good standing.

We don't know the fees or details associated with the process.  The CMMC-AB is a nonprofit.  Our fees will reflect the costs of providing an independent, national organization with a leading-edge customer experience.

But wait. We are just getting started. 

Come back here often for detail and sign up below for alerts and emails. 

There is much to come, we will provide information as we build it.


Trainer / Educator Subscribe

For information about the CMMC-AB program delivered right to your inbox, subscribe below.  Your contact details may be shared with assessors and C3PAO's as each member of those communities will require certified training.

Board Ethics

Site Improvements? webmaster@cmmcab.org
© 2020 CMMC (Cybersecurity Maturity Model Certification) Accreditation Body