Improve your experience. We are very sorry but this website does not support Internet Explorer. We recommend using a different browser that is supported such as Google Chrome or Mozilla Firefox.

Certified CMMC Assessor Level 1 (CCA-1)

A Certified Assessor applies the knowledge and expertise as a Certified Professional to Maturity Level 1 (ML-1).



Level 1 of CMMC addresses the protection of Federal Contract Information (FCI) and encompasses the basic safeguarding requirements for FCI specified in Federal Acquisition Regulation (FAR) Clause 52.204-21, which defines FCI as:

Information, not intended for public release, that is provided by or generated for the Government under a contract to develop or deliver a product or service to the Government, but not including information provided by the Government to the public (such as on public websites) or simple transactional information, such as necessary to process payments


About This Course


The CMMC assessment procedure leverages the Assessment Procedure defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171A Section 2.11: An assessment procedure consists of an assessment objective and a set of potential assessment methods and assessment objects that can be used to conduct the assessment.

This course is intended to invoke knowledge on Assessors responsible for conducting these assessments. Each assessment objective is addressed and includes a determination statement related to the [CMMC practice] that is the subject of the assessment. Further, the determination statements are linked to the content of the [CMMC practice] to ensure traceability of the assessment results to the requirements.


Learning Objectives

  • Understand how the application of an assessment procedure to a practice produces assessment findings.
  • Understand how these findings reflect, or are subsequently used, to help determine if the practice has been satisfied.
  • Conduct Assessment of objects to identify the specific items being assessed and how to include specifications, mechanisms, activities, and individuals.
  • Analyse specifications (document-based artifacts (e.g., policies, procedures, security plans, security requirements, functional specifications, and architectural designs) associated with a system.
  • Review Mechanisms such as specific hardware, software, or firmware safeguards employed within a system.
  • Analyse protection-related actions supporting a system that involve people (e.g., conducting system backup operations, exercising a contingency plan, and monitoring network traffic).
  • Interview/Assess individuals, or groups of individuals, such as people applying the specifications, mechanisms, or activities described above.
  • Understand methodologies - the assessment methods define the nature and the extent of the [Certified] Assessor’s actions. The methods include examine, interview, and test; the examine method is the process of reviewing, inspecting, observing, studying, or analyzing assessment objects (i.e., specifications, mechanisms, activities). The purpose of the examine method is to facilitate understanding, achieve clarification, or obtain evidence.; the interview method is the process of holding discussions with individuals or groups of individuals to facilitate understanding, achieve clarification, or obtain evidence; and finally, the test method is the process of exercising assessment objects (i.e., activities, mechanisms) under specified conditions to compare actual with expected behavior.




After completing the associated exam, Assessors are:

  • Credentialed to conduct CMMC ML-1 assessments
  • Authorized to supervise Certified CMMC Professionals in the conduct of ML-1 assessments
  • After completing 3 assessments
    • Authorized to use the CCA-1 logo
    • Be Listed in the CMMC-AB Marketplace



  • U.S. Person (Green card is acceptable).  To participate as a team member on ML-2 assessments, U.S. citizenship is required.
  • Certified CMMC Professional Credential
  • Complete the training and exam for the Certified CMMC Assessor Level 1 credential
  • Have or gain a favorably adjudicated Tier 1 Suitability Determination that results in no security clearance**


    Possess a NAC (National Agency Check), DHS Suitability Credential or other DoD accepted clearance (required to participate on ML-2 or higher assessment teams)

Who Should Attend?


  • Consultants looking to provide CMMC guidance
  • Individuals continuing the CMMC-AB Certified CMMC Assessor or Certified CMMC Instructor career path
  • Anyone looking to build a foundation of knowledge and skills around the new CMMC requirements

Press enter to see more results