Become a CMMC Certified Assessor (CCA)

Learn how to perform CMMC Level 2 assessments from the most experienced team in the ecosystem. Redspin is one of the first Authorized C3PAOs and has conducted more assessments than any other. 

Get real assessment insights, examples, and personalized instruction from Instructors like  Dr. Thomas Graham, who are lead CMMC Assessors and  CMMC veterans.

CCA Training

Redspin is an ATP

Redspin is one of only 45 Authorized Training Partners (ATP) recognized by the Cyber AB and CAICO for meeting the requirements to deliver CCA training.

Our instructors are experienced CCAs

Our courses are led by experienced Certified CMMC Assessors (CCAs) who bring firsthand expertise from countless hours conducting and leading CMMC assessments, ensuring you gain practical, real-world insights.

Approved training material only

Redspin delivers CMMC training exclusively using approved materials sanctioned by The Cybersecurity Assessor & Instructor Certification Organization (CAICO), ensuring alignment with the highest industry standards.

Learn from the leading C3PAO

As one of the first  Authorized C3PAOs, Redspin brings unparalleled experience to CMMC training, ensuring you learn from a proven leader in the ecosystem.

CCA Training Details

This 5-day live bootcamp is designed to help you become a confident CMMC Certified Assessor (CCA). Our instructors bring real-world experience from both sides of the Cybersecurity Maturity Model Certification (CMMC) process—as assessors and as contractors.

We don’t just teach CMMC, we helped shape it. Redspin instructors contributed to the development of both the CCA and CCP training exams and have helped define the very model you’ll be trained to assess. Through this expert-led instruction, you’ll:

  • Learn how to evaluate CMMC Level 2 practices and processes

  • Apply assessment objectives using real-world scenarios

  • Understand what assessors look for during certification

  • Gain confidence in interpreting NIST 800-171 and related guidance

Not a CCP yet?

Start your journey with our highly-rated CCP training course. CCP certification is the required prerequisite and gives you the foundational knowledge you’ll need to thrive in the CCA course.

CCA Training: Flexible Options and Expert Instructors

CCP Training

Virtual or in-person

Class is typically held live, virtually. In-person instruction is available for groups of 8+.

5 days

Courses are offered monthly. Each session spans 5 full days Mon-Fri.

Learn from the best

Redspin is the first Authorized C3PAO, and a Licensed Training Provider (LTP).

Our instructors are actual CCAs with real-world CMMC experience!

Pricing options

We provide both individual pricing and offer discounts for teams of three or more.

What’s Included?

 Comprehensive Cyber AB Approved Course Material

5 Days of Live Training with CCA Accredited Instructors

Personalized 1:1 Interactive Discussions with Instructors who have Real-world CMMC Experience

Digital CCA Study Guide

Links to Dozens of Free Downloadable Resources

Unlimited On-Demand Access to Your Class Recordings

 Certificate of Completion

Seats are limited. Classes are kept small to allow for live interaction and tailored instruction.

CMMC Training
CCA Training

Course Prerequisites

✓    Complete a CCP course

Exam & Certification Prerequisites

✓    Become a Certified CMMC Professional (CCP) 

✓   Have knowledge of the material covered on the CCP Blueprint and obtain DoD suitability verification

✓   Have another industry-related certification at an indermediate or advanced level (such as CISSP, CISM, etc…)

✓    Have familiarity with the Level 2 Scoping, Assessment Process, and the individual practices listed in the CMMC Level 2 Assessment Guide

✓   Sat in a minimum of 3 Level 2 CMMC assessments (contingent on current CAICO policies)

For more information on the CCA exam and certification, visit the Cyber AB website. 

Who is CCA Training For?

Consultants and External

Service Providers

CMMC Assessment Team Candidates

Employees of OSCs

Pricing and Process

*Since 2021, Redspin has been a trusted source for CMMC methodology training. Our classes, led by renowned CMMC expert Dr. Thomas Graham, are available monthly (alternating CCP/CCA monthly).

Right now, we are only offering virtual classes. However, we can arrange onsite sessions upon request. To schedule an in-person group session, email us at info@redspin.com.

How to Register

1. Choose your class below.

2. Register by paying by credit card or request an invoice.

3. Upon payment, you’ll receive a confirmation email and course material details.

Cost Breakdown

Virtual Classes:

  • Individual= $3,500 per student*
  • Current Clients or Groups (3+)= $3,000 per student with code LEARN2GETHER*

In-Person (Group of 8+):

  • $3,000 per student, and we’ll come to you!

*Current clients are eligible for individual or group discounts! Email us for more details.

%

of our CCA students would recommend this course to a peer or colleague!

Dr. Thomas is one of the best CMMC people in the ecosystem. His class is the best.

Lots of real-world examples. The bootcamp was packed with insights I couldn’t get from self-study.

The Instructor mapped L2 control families to each other in a way that finally made sense.

I really appreciated the scenario-based questions and the small class size—it made the material stick.

Hearing directly from someone who has done assessments is invaluable.

Open & Upcoming Virtual CCA Courses:

August or September reschedule dates coming soon

Check back soon for details and registration links!

December 1-5, 2025
M-F, 9:00 AM – 4:30 PM (ET)

Register and complete your purchase for January’s course by Tuesday, November 18th to secure your spot and receive your course materials on time.

Course Overview:
This comprehensive 5-day CMMC Certified Assessor (CCA) course equips participants with the knowledge and skills to perform Level 2 CMMC assessments as part of a C3PAO team. Designed for cybersecurity professionals, this course focuses on the CMMC 2.0 assessment process, scoping criteria, and in-depth knowledge of the 110 practices required for Level 2 certification.

What You’ll Learn:

  • CMMC Assessment Process (CAP): Gain a thorough understanding of the assessment procedures, documentation, and guidelines to perform official C3PAO assessments.
  • Scoping Criteria: Learn to identify and apply Level 2 scoping criteria, including contractor risk and asset categorization.
  • NIST 800-171 Controls: Master all 110 controls and practices required for Level 2 compliance, covering all domains.
  • Assessment Objectives: Understand how to apply the NIST 800-171 Assessment Objectives during assessments to validate compliance.
  • Handling Sensitive Information: Learn best practices for the handling, safeguarding, and marking of Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) in compliance with NARA and NIST guidelines.
  • Ecosystem Roles: Understand the roles and responsibilities within the Cyber AB ecosystem, focusing on the Certified Assessor’s role.
  • Professional Standards: Navigate the legal, ethical, and professional responsibilities outlined in the Cyber AB’s Code of Professional Conduct (CoPC), including managing potential conflicts of interest.

Important: Register by November 18th to secure your spot and receive your course materials in advance.


Register Pay by Invoice

Questions About CCA Courses?