What's the difference between an ATP and certification?

Approved Training Providers (ATPs) deliver the licensed CCP and CCA training. Completing this training through an ATP qualifies you to take the CCP and CCA certification exams, which are administered separately. ATPs don't certify anyone—they provide the required training to prepare you for certification.

How is this different from other CMMC training?

Traditional ATPs are one-dimensional. They deliver the licensed CCP and CCA training required to qualify for certification exams, then you're done. CMMC Copilot trains and develops CMMC professionals. We provide certification prep PLUS hands-on simulations, real-world experience through CMMC Clinic, gamified learning, mentorship from experienced professionals, access to paid consulting opportunities, and ongoing career support. We don't just help you pass exams—we help you build a career.

I'm already CCP or CCA certified. Can I still join?

Yes. If you're already certified through another ATP, you can join CMMC Copilot for the hands-on simulator practice, CMMC Clinic experience, mentorship, community, and access to paid consulting opportunities.

What happens while I wait for my Tier 3 background check?

Unlike traditional ATPs where you wait in limbo, CMMC Copilot lets you continue building skills through mock assessments, CMMC Clinic hours, and potentially paid consulting work (depending on client requirements). You're gaining real-world experience while you wait.

Do I need to be in Texas?

No. While Aspire Cyber is based in Texas, the CMMC Copilot program is virtual. We serve individuals nationwide.

Can my employer pay for this?

Yes. Many Defense contractors and C3PAOs sponsor employees through CMMC Copilot as workforce development. We can provide program details and documentation for budget requests.

How does the gamification work?

You earn points by completing mock assessments, attending study sessions, and developing CMMC artifacts. Points contribute to advancing through ranks (Copilot 1, 2, 3), with each rank earning you physical and digital badges (Bronze, Silver, Gold Wings) and preferential access to paid opportunities.

What if I don't pass my certification exam?

If you're enrolled in self-paced training and don't pass your CCP or CCA exam, you receive a free retake of the course. We're invested in your success, not just collecting tuition.

Ready to Launch Your CMMC Career?

If you're serious about building a CMMC career with hands-on experience and comprehensive development—not just passing certification exams—schedule a 15-minute consultation to discuss the CMMC Copilot program. No pressure. Just an honest conversation about where you want to go and how we can help you get there.

[email protected]
+214-225-3242

CMMC Certification Training

(CCP & CCA)

Get certified with expert-led training designed to help you pass CCP & CCA

and advance your cybersecurity career.

Official CMMC-aligned training
Live instructor-led sessions
Designed for CCP & CCA exam success
Practical, real-world guidance

Official CMMC-aligned training
Live instructor-led sessions
Designed for CCP & CCA exam success
Practical, real-world guidance

WHAT THIS TRAINING IS

Become CMMC Certified with Confidence

Our training programs are designed for professionals preparing for:

CMMC Certified Professional (CCP)
CMMC Certified Assessor (CCA)

We focus on giving you the knowledge, structure, and exam readiness needed to successfully achieve certification and apply it in real-world scenarios.

WHO THIS IS FOR

Is This Training Right for You?

This program is ideal for:

Cybersecurity professionals entering CMMC
Consultants supporting Department of War (DoW) contractors
Internal IT/security teams preparing for their organization for CMMC compliance
Professionals aiming to become certified assessors

WHAT YOU’LL LEARN

What You’ll Gain

Clear understanding of CMMC framework and requirements
Step-by-step guidance for CCP & CCA exams
Real-world application of controls and assessments
Practical insights from experienced professionals

WHY CHOOSE US

Why Train With Us

Focused on CCP & CCA certification success
Led by experienced CMMC practitioners
Practical, real-world approach (not just theory)
Support throughout your certification journey

COURSE OPTIONS

Training Programs

CCP Training

Foundation-level certification
Ideal starting point for CMMC professionals

CCA Training

Advanced certification for assessors
Deep dive into assessments and compliance

Not sure where to start? Book a consultation and we’ll guide you

Meet Your CMMC Copilots

All CMMC Copilots are CMMC Certified Professionals (CCPs), CMMC Certified Assessors (CCAs), and Lead CMMC Certified Assessors with real-world operational experience.

Derrich

Phillips

Lead CCA & CMMC Provisional Instructor

20+ years managing strategic security programs. U.S. Army Cyber Network Defender. Leadership at Lockheed Martin and Bank of America.

Tiffany

Laitola

CCP & CMMC Provisional Instructor

Retired Master Chief Petty Officer (E-9) with 30 years in Information Assurance and Cybersecurity. Led top-scoring Navy Cybersecurity Inspection.

Dr. Maureen McWhite, PhD

PhD - CCP & CMMC Provisional Instructor

Supply chain cybersecurity expert with over 25 years of IT experience, specializes in helping small and medium businesses reduce cyber risk through training and establishing strong cybersecurity postures.

Dr. Constance Blanson, PhD

CCA & CMMC Provisional Instructor

Academic Professor and IT Consultant specializing in cloud security, FedRAMP, and pragmatic security frameworks.

SOCIAL PROOF

Trusted by Professionals in Cybersecurity

★ ★ ★ ★ ★

Georgia State University engaged Aspire Cyber to support our CMMC readiness efforts, and the experience was exceptional from start to finish. Derrich and his team were consistently available to answer questions, provide clarification, and ensure we were fully prepared when the time came for our assessment.

Tim Gehret

Local Guider

★ ★ ★ ★ ★

Aspire Cyber has, and continues to provide very valuable industry knowledge on CMMC, and Derrich Phillips breaks down complex CMMC topics into digestible lessons that make compliance feel achievable for small businesses. The mock assessment series is a huge bonus, I don't see anyone else doing them, but it gives OSC/OSA's a good insight as to what to expect.

Justin Johnson

★ ★ ★ ★ ★

Attending Derrich's mock assessment was a game changer for our us. His expert knowledge and professional demeanor created a productive and insightful environment. Derrich, with his co-host (role play)has a unique talent for asking the right questions, which force us to think differently or maybe critically about our controls, and then providing leadership on how to fix them.

Amad Sheikh

Your Training Options

Ready to Get CMMC Certified?

Take the next step toward CCP or CCA certification with expert-led training.

Frequently Asked Questions

How do I choose between CCP and CCA?

We’ll guide you based on your experience and career goals.

Do I need prior experience?

Basic cybersecurity knowledge is recommended.

Is this training aligned with official CMMC requirements?

Yes — our training is structured around current CMMC guidelines.

Do CCA candidates need to complete Tier 3 before they can take the CCA exam?

CCA candidates do not need to have completed Tier 3 before they can take the CCA exam. If you pass the CCP exam and take CCA training, you can take the CCA exam—just as you could previously.

Moving forward, who is going to run point on the Tier 3 Investigations for CCPs/CCAs?

CyberAB will continue to run point on Tier 3 Investigations for CCPs and CCAs.

Have the costs associated with CMMC certification changed?

While new exam prices have increased compared to the old model and in line with similar industry certifications, we are happy to report that annual renewal costs have decreased to the extent that total cost of ownership over the three-year cycle is very similar and, in some cases, substantially lower. For example, three-year total costs for someone holding CCP and CCA were $3,175 with previous pricing. Those become $2,280 through ISACA and are reduced to $2,105 with ISACA membership.

How/where can I start the background check process?

The background check process starts after you've completed CCP training, passed the CCP exam and applied for the certification. During the application process, ISACA will validate your experience and then send your information to CyberAB so the background check can start.

Are CPE policies available for CCP and CCA?

Yes. For CCPs and CCAs, a minimum of 20 CPE must be earned each year, with a total of 120 CPE over a three-year cycle. At least 90 CPE must relate to the certification itself, and two of the 90 must relate to CMMC rules. The remaining 30 CPE can relate to the certification or to general professional development, such as leadership, soft skills and mentorship. Lead CCAs do not need to report any additional CPE to maintain that credential.

Can the CPE activities submitted for other ISACA certifications be used for CCP and/or CCA?

Yes, if the CPE activity fulfils both an ISACA certification and CCP you're able to apply those CPEs to both certifications.

Are the exams conducted in person or remotely?

Both options are available.

What is ISACA's new role in the CMMC ecosystem?

ISACA has been authorized as the CMMC Assessor & Instructor Certification Organization (CAICO) and is now managing the training, examination and professional certification for individuals within the CMMC ecosystem. The credentials ISACA administers for the US Department of War CMMC program are the CMMC Certified Assessor (CCA), Lead CMMC Certified Assessor (LCCA), CMMC Certified Professional (CCP) and CMMC Certified Instructor (CCI).

What is the CMMC?

The Cybersecurity Maturity Model Certification (CMMC) is an assessment framework and assessor certification program intended to increase the trust in measures of compliance to a variety of standards published by NIST. The purpose of the CMMC is to verify that the information systems used by DoD contractors to process, transmit or store sensitive data are compliant with the mandatory information security requirements.

What is the CMMC Certified Professional (CCP) credential, and who should pursue it?

The CCP is a foundational certification within the CMMC ecosystem designed for professionals who want to support organizations with pre-assessments, join CMMC assessment teams under a CCA/C3PAO, or eventually become a CCA themselves. A CCP helps with gap analysis, evidence collection, validation, and audit preparation.

What is the CMMC Certified Assessor (CCA) credential, and who should pursue it?

The CCA is a mid-to-advanced level certification that qualifies professionals to conduct Level 2 CMMC assessments for defense contractors, serve as part of a C3PAO team, and make final determinations on compliance. CCAs may choose to pursue a Lead CCA designation as a next step.

What is the Tier 3 Determination from the DoW?

CMMC certifications require individuals in assessment roles to obtain a Tier 3 determination from the Department of War. Tier 3 involves a background investigation; however, it does not grant or authorize security clearance. The determination is used solely to establish national security eligibility to participate in CMMC assessment activities.

Are there any prerequisites for earning these certifications?

Yes. There are education and experience requirements needed for CCP eligibility. For CCA eligibility, candidates must fulfill a baseline certification requirement under DoD 8140.03's Work Role 612 (Security Control Assessor) at the Intermediate or Advanced proficiency levels. ISACA's CISA and CISM are two certifications that candidates can choose from among the prerequisites.

Are the credentials intended for those who work in US organizations only?

No, any organization in any country that is eligible and wants to do business with the US Department of War must be CMMC-compliant based on the staging and rules set by the Federal Acquisition Regulations.

Are there benefits to those NOT subject to CMMC in obtaining these certifications?

Yes, these certifications are a great complement to other industry credentials and can greatly increase a cybersecurity professional's or team's technical depth, even if the organization is not aligned to the defense industrial base.