This is the main content of the page.
Thank you for your interest in joining the CMMC ecosystem. Becoming a DoD CMMC Level 2 Assessor is an opportunity to contribute to the defense of our nation, as well as a personal opportunity to expand your skills in cybersecurity and assessing.
Before you start your Assessor journey it’s important to understand the process and requirements for becoming an Assessor. First, there are two roles the CMMC Certified Professional (CCP) and the CMMC Certified Assessor (CCA), you must become a certified CCP before pursuing CCA training and certification.
To begin, start by pursuing your CMMC Certified Professional certification. To be successful in this program, below is the recommended educational and/or experience for the CCP program:
To achieve your certification and to receive your CCP badge and be listed on The Cyber AB Marketplace, all of the following requirements must be met.
Note: You may not be planning to become a CMMC Assessor but find obtaining your CCP is important for demonstrating your CMMC knowledge. Therefore, if you successfully complete your CCP training and pass your CCP examination, you will receive a certificate from the CAICO to demonstrate this achievement to others.
Note: As a CCP holding a favorable Tier 3 determination, you can participate on a CMMC Level 2 Assessment, only to verify Level 1 practices. As a CCP, you cannot make any final determinations on a CMMC assessment. Those final determinations can only be made by a CCA or a Lead CCA.
Once you have achieved your CCP certification, you’re ready to start the process to become a CMMC Certified Assessor (CCA) who can participate on CMMC Level 2 assessments for the DoD.
To achieve your certification and to receive your CCA badge and be listed on The Cyber AB Marketplace, all of the following requirements must be met.
Note: You may not be planning to become a CMMC Assessor but find obtaining your CCA is important for demonstrating your CMMC knowledge. Therefore, if you successfully complete your CCA training and pass your CCA examination, you will receive a certificate from the CAICO to demonstrate your achievement to others.
Note: please check this site as the DoD may update qualifying certifications on this page. Below is a table of qualifying certifications for CCAs as of October 2024.
Please review the Requirements Grid below to begin the process. For more detailed requirements click here.
To review registration and testing information for the CMMC Certification Examinations click here.
* Please be advised application submissions have a one (1) year expiration period. If you do not take the next steps to complete the process, for example training and testing, for the related to which you applied,your application will expire one (1) year from applying. You will lose any fees paid and will have to re-apply to start the application process over.
*All fees are inclusive of application processing and membership registration which are non-refundable (please see Refund Policy). Schedule does not include any training, testing or examination fees.
Upon successful completion of the process, all candidates will be presented with additional information to include the authorized use of digital credentials in business materials, listing in the CMMC Central Marketplace and access to the Cyber AB's community updates.
An individual
CCP Enroll Here
A CCP is a person seeking to become responsible for the assessment, examination, verification, and review of an organization for compliance to a respective level of CMMC standards. They will utilize compliance checklists prescribed by the CMMC standard to control scope and ensure fairness in applied criteria. Assessors may work for a C3PAO or be independent.
As a CCP holding a favorable Tier 3 determination, you can participate on a CMMC Level 2 Assessment, only to verify Level 1 practices. As a CCP, you cannot make any final determinations on a CMMC assessment. Those final determinations can only be made by a CCA or a Lead CCA.
A CCP is eligible to become CMMC Certified Assessor (CCA), participates up to CMMC Level 2 assessments, and holds a valuable credential reflecting the training to understand the CMMC requirements for a Defense supplier.
CCA Enroll Here
Upon passing the CCP examination, the individual will be able to begin the CCA process. Again, the candidate will need to find an Approved Training Provider (ATP) on The Cyber AB Marketplace to take their CCA training.
Once a candidate becomes a certified CCA they are then qualified to work on CMMC Level 2 assessments as part of a Certified Third-Party Assessment Organization (C3PAO) assessment team. The C3PAOs employ Assessors who are responsible for conducting the assessments for the Organizations Seeking Certification (OSC).
CCA candidates who have participated in any capacity with an organization preparing for CMMC cannot participate on an assessment team for that same organization.
An organization
C3PAO Enroll Here
A C3PAO is an organization that has successfully passed a rigorous series of requirements to become acknowledged by the CMMC Accreditation Body, on behalf of the DoD, as being objective and competent to perform assessments of OSCs. C3PAOs adhere to assessment criteria that must be consistent, unbiased, and follows a prescribed approach that is utilized similarly across all C3PAOs. They are certified to assess based on the CMMC standard; only Cyber-AB recognized assessors utilized by the C3PAO may conduct authorized assessments.
Membership into the CMMC-AB community, and visibility within the CMMC marketplace, is reserved for those organizations and individuals which successfully complete and pass their respective application and onboarding process, which includes formal review and authorization by the CMMC-AB.
Please click on the appropriate enrollment button above to start the process.