The Cyber AB’s Licensed Training Provider (LTP) program requires strict qualifications for organizations to become approved providers of CMMC training, with LTPs listed in the CMMC marketplace and trained by Certified CMMC Provisional Instructors (PIs) who have undergone extensive training beyond the Provisional Assessors (PAs), and all PI candidates must pass PA training before taking the PI training.

Certain changes to the CMMC model caused some controversy, but made sense in the larger picture of cybersecurity, such as the model scaled down from five levels to three.