The North Carolina Community College System’s Security Compliance course (SEC-258) introduces information security compliance and standards along with how they apply to corporate IT environments. Topics included in the catalog description of the course include ISO standards, government NIST frameworks, federal and state compliance requirements, security policies, incident response and business continuity planning. We have also added a CMMC module to the course. Unfortunately, many times the course content is dry and requires pure memorization. Join us, for this presentation to share and discover new ways to deliver a compliance course in a more “”handson”” format. In short, we intend to move students from remembering compliance regulations to understanding and applying security controls and governance.