What you'll learn

Defense contractors and subcontractors that handle Federal Contract Information (FCI) must complete a CMMC Level 1 self-assessment annually and have a senior official affirm compliance in the Supplier Performance Risk System (SPRS). Failure means contract ineligibility and personal False Claims Act exposure. In this course, Security Compliance: CMMC Level 1, you'll gain the ability to plan, implement, and sustain a CMMC Level 1 program from scoping through annual affirmation. First, you'll explore the structure of CMMC Level 1, the definition of FCI under FAR 52.204-21, and the 15 basic safeguarding requirements across 6 control domains. Next, you'll discover how to scope your assessment boundary, perform the self-assessment using NIST 800-171A objectives, and submit results to the Supplier Performance Risk System. Finally, you'll learn how to complete the annual affirmation, retain artifacts for the required six (6) years, and apply the model to a worked example office network. When you're finished with this course, you'll have the skills and knowledge of CMMC Level 1 needed to lead a small to mid-size DoD contractor through the full self-assessment and affirmation lifecycle.