What is a CMMC Certified Professional?

A Cybersecurity Maturity Model Certificate (CMMC) Certified Professional (CP) is a designation for professionals with verified knowledge of the CMMC framework, model, context, and application within the DoD. It is an entry-level certification and prerequisite for becoming a certified assessor or instructor. The CMMC contains a variety of best practices intended to help evaluate and measure a defense contractors’ capabilities and level of sophistication at implementing a cybersecurity program. 

Why is CMMC CP Certification Important?

A CMMC Certified Professional has a comprehensive understanding of the Cybersecurity Maturity Model Certification (CMMC) model and its requirements. Companies are not allowed to self-certify under CMMC; they must undergo an audit by a certified third-party assessment organization (C3PAO) or an accredited individual assessor to achieve compliance. The CMMC CP is a prerequisite to become a Certified Assessor and Certified Instructor. 

The CMMC CP is prepared to: 

  • Identify, describe, and compare the roles and responsibilities of each member of the CMMC-Accreditation Body (CMMC-AB) ecosystem
  • Know what are the CMMC assessment methodology phases
  • Identify and mitigate ethical concerns based on CMMC-AB Code of Professional Conduct
  • Define and determine the roles and responsibilities for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).

Who Needs a CMMC CP Credential?

The credential is valuable for any organization that has or is seeking a contract with the DoD. It offers verified assurance and confidence for organization’s, consulting agencies and external organizations seeking CMMC guidance and/or certification. 

How to Get CMMC CP Certified

To qualify for the exam, you must have a college degree or equivalent experience in a technical field or at least two years of cybersecurity field experience. In addition, you must complete a mandatory DoD Training and a CMMC CP course. 

Who is the Certifying Association?

The CMMC-Accreditation Body (CMMC-AB) is an independent organization established in 2020 designed to meet the DoD CMMC program mission. The DoD has since reestablished and designated the CMMC-AB as its sole, authorized partner for the CMMC. The CMMC-AB plays a key role within the entire CMMC ecosystem. The CMMC-AB is required to achieve compliance with the ISO/IEC 17011.

Requirements to Stay Certified

Most cybersecurity certifications are valid for three years and require a certain number of continuing education credits to remain valid.