Checkout this Coursera Class. It covers NIST 800-171 and in the last class covers CMMC 1.0, but this should give you foundational knowledge for CISA and CMMC 2.0 Cybersecurity Risk Management Framework | Infosec https://coursera.org/specializations/cybersecurity-risk-management-framework