Upcoming Chapter Events

Below are upcoming chapter conferences, seminars, review courses, and other events.  Prior chapter events can also be viewed.

For information on our event policies, see https://isaca-gwdc.org/event-policies/.

« All Events

Cybersecurity Maturity Model Certification Workshop

February 21, 2026 @ 9:00 am - 5:00 pm EST
GWDC Members $125, Non-GWDC Members $200

 

 

February 21, 2026
Virtual Event (Teams)
Earn up to 7 CPE
$125 for GWDC Members
$200 for Non-Members

 

 

Cybersecurity Maturity Model Certification (CMMC) Workshop

This intensive one-day virtual workshop, Cybersecurity Maturity Model Certification (CMMC), provides participants with a comprehensive understanding of CMMC requirements and the steps necessary to achieve and sustain certification. The workshop will cover the CMMC framework, scoping and self-assessment strategies, gap analysis, and remediation planning, with practical exercises to ensure participants can confidently prepare for CMMC audits and maintain ongoing compliance.

Registration closes on February 19 @ 5PM.

Register Today!

 

 

More about the CMMC

The CMMC Program aligns with the DoD’s existing information security requirements for the DIB. It is designed to enforce the protection of sensitive unclassified information shared by the Department with its contractors and subcontractors. The program provides the DoD with increased assurance that contractors and subcontractors are meeting the cybersecurity requirements for nonfederal systems processing controlled unclassified information.

More about the CMMC

 

Event Details

Date and Time

The workshop will be held on February 21, 2026 from 9:00 am to 5:00 pm.

Add this event to your calendar using the Add to Calendar link at the bottom of the page.

 

Virtual Event

The workshop will be held using Microsoft Teams.

Prior to the event, the instructor will email all participants the Teams link for the course along with course materials

 

Pricing

The fee for GWDC Members is $125 for the workshop.
The fee for all other registrants is $200 for the workshop.

To become a member and take advantage of the member rate for our events, among other benefits, join ISACA and select the Greater Washington D.C. Chapter as your local chapter.

 

Event Policies

Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system by the date registration closes. Refunds vary depending on the date of cancellation and cost of the event. See ISACA GWDC Event Policies for details.

The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services.
All complaints should be submitted through the Registration Contact Form.

 

 

Share this Event

If you are interested, planning to attend, or attending this event, please share with your colleagues across your social media networks.

 

 

Course Outline

Module 1: Introduction to CMMC

  • Purpose and history of the Cybersecurity Maturity Model Certification
  • Key differences between CMMC 1.0 and 2.0
  • Overview of the three maturity levels and their requirements
  • Relationship between CMMC, NIST SP 800-171, and DFARS 7012

Module 2: Understanding CMMC Domains and Practices

  • Deep dive into the 14 CMMC domains
  • Examples of practices and processes required for each level
  • How practices align with NIST controls and cybersecurity best practices

Module 3: Scoping and Determining Applicability

  • Understanding Controlled Unclassified Information (CUI) vs. Federal Contract
  • rmation (FCI)
  • Determining organizational and system boundaries for CMMC scope
  • Practical examples of scoping for small, medium, and large contractors

Module 4: Self-Assessment and Gap Analysis

  • Conducting a CMMC readiness self-assessment
  • Mapping current controls against CMMC requirements
  • Identifying and prioritizing gaps for remediation

Module 5: Developing and Implementing Remediation Plans

  • Creating a Plan of Action & Milestones (POA&M)
  • Strategies for implementing missing security controls
  • Leveraging technology and policies to meet CMMC objectives

Module 6: Documentation and Evidence Preparation

  • Key artifacts and documentation needed for CMMC audits
  • Policies, procedures, and system security plans (SSPs)
  • Capturing and maintaining evidence to support certification

Module 7: Working with Assessors and the Certification Process

  • Understanding the C3PAO (Certified Third-Party Assessment Organization) role
  • Preparing for an official CMMC assessment
  • Common pitfalls and lessons learned from mock audits

Module 8: Sustaining Compliance and Continuous Improvement

  • Maintaining cybersecurity maturity post-certification
  • Ongoing monitoring, incident response, and reporting requirements
  • Leveraging CMMC for competitive advantage in DoD contracting

 

 

Interested in Speaking at a Chapter Event

If you are interested in speaking at an upcoming conference, please visit the Call for Speakers page and complete the form.

Call for Speakers

 

Instructor

Jim Wiggins

Jim Wiggins
AAISM, AAIA, AIGP, CISM, CISA, CRISC, CISSP, ISSEP, CGRC (CAP), SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, FITSP-M, CGEIT, MCITP, MCSE: Security, MCSE: Messaging, MCSA, MCDST, Server+, Network+, A+, CDPSE, CIPP/US, PMP, ICE-CCP, DACUM Facilitator

Jim Wiggins is a seasoned IT and cybersecurity expert with over 29 years of industry experience, 24 of which have been dedicated to information security – and, more recently, the last 3 years on artificial intelligence. He is the Founder and CEO of Securible, LLC, a Washington, DC-based cybersecurity training and consulting firm specializing in practical, forward-thinking solutions. Through Securible, Jim has championed innovative approaches to address emerging threats, ensure regulatory compliance, and harness the power of Artificial Intelligence in IT audit, cybersecurity, governance and privacy. Throughout his distinguished career, Jim has trained well over 20,000 IT and cyber professionals, underscoring his commitment to education and the advancement of the field.

In addition to his leadership at Securible, Jim also serves as the Founder and CEO of the Federal IT Security Institute (FITSI), a 501(c)(6) non-profit certification body accredited by the ANSI National Accreditation Board (ANAB) under ISO 17024:2012. FITSI provides role-based cybersecurity certifications designed to fortify the U.S. federal cybersecurity workforce.

Enhancing his contributions to the cybersecurity community, Jim hosts a TV show in the Washington, DC area called Cybersecurity Today. The program offers expert insights, in-depth analysis, and the latest updates on cybersecurity trends and threats, further establishing his role as a prominent thought leader in the industry.

Recognized as a Federal 100 award recipient in 2019 and the Federal Information Systems Security Educators’ Association (FISSEA) “Educator of the Year” in 2011, Jim is widely respected for his commitment to elevating cybersecurity education.

In the rapidly evolving arena of Artificial Intelligence (AI), Jim has directly trained well over 1,000 IT and cyber professionals on generative AI fundamentals through intensive sessions with the Department of the Interior’s University, the Defense Information Systems Agency (DISA), the National Risk Management Center (NRMC) within CISA, and the Greater Washington DC Chapter of ISACA. He leverages AI-driven tools such as ChatGPT, Gemini, Dalle, Midjourney, and Copilot to translate complex concepts into practical, governance-focused applications.

Jim holds numerous certifications, including:

  • Artificial Intelligence: AAISM, AAIA, AIGP
  • Cybersecurity: CISM, CISA, CRISC, CISSP, ISSEP, CGRC (CAP), SCNA, SCNP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and FITSP-M.
  • Information Technology: CGEIT, MCITP, MCSE: Security, MCSE: Messaging, MCSA, MCDST, Server+, Network+, A+.
  • Privacy: CDPSE, CIPP/US
  • Project Management: PMP (Project Management Professional).
  • Education: ICE-CCP (I.C.E. Certified Credentialing Professional), DACUM Facilitator

Jim is currently finalizing a master’s degree in education from George Washington University with a concentration in Assessment, Testing, and Measurement.

 

 

Questions about this Event

If you have any registration questions about this event, please contact us by completing the Registration Contact Form linked below.

Registration Questions

 

If you have CPE questions after the event has concluded, please contact us by completing the CPE contact form linked below.

CPE Questions

 

 

CPE Information

Earn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org

 

Poll Questions

Participants must respond to all the poll questions polling feature or chat log in order to receive NASBA CPE credits. The GWDC will not be responsible for the participant’s inability to respond to the polls.

 

CPE Distribution and Evaluation Survey

CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.

 

Learning Objectives

  • Explain the purpose and history of the Cybersecurity Maturity Model Certification (CMMC).
  • Compare key differences between CMMC 1.0 and 2.0.
  • Describe the 14 CMMC domains and their relationship to NIST controls.
  • Provide examples of practices and processes required across maturity levels.
  • Differentiate between Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).
  • Determine organizational and system boundaries when defining CMMC scope.
  • Conduct a CMMC readiness self-assessment to evaluate compliance.
  • Identify and prioritize gaps through a structured gap analysis.
  • Develop a Plan of Action & Milestones (POA&M) to address deficiencies.
  • Implement strategies to remediate missing or incomplete security controls.
  • Prepare key artifacts such as policies, procedures, and system security plans (SSPs).
  • Capture and maintain evidence to support CMMC certification.
  • Explain the role of a Certified Third-Party Assessment Organization (C3PAO).
  • Prepare effectively for an official CMMC assessment.
  • Maintain cybersecurity maturity through continuous monitoring and incident response.
  • Leverage sustained CMMC compliance as a competitive advantage in DoD contracting.

 

CPE-Related Details

  • Prerequisites: None
  • Advance Preparation: None
  • Program Knowledge Level: Basic
  • Delivery Method:  Group Internet Based
  • Field of Study:  Information Technology – Technical

Details

Venue

  • Virtual Event

Organizer

  • Clifton Persaud (Certifications Program and Special Assistance Requests)
  • Email certifications@isaca-gwdc.org