The Certified Authorization Professional (CAP) is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance, while meeting legal and regulatory requirements. CAP confirms an individual’s knowledge, skill, and experience required for authorizing and maintaining information systems within the Risk Management Framework as outlined in NIST SP 800-37 Rev 1.
The broad spectrum of topics included in the CAP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 7 domains:
Before taking this course, candidates must have a minimum of 2 years cumulative paid full-time work experience in 1 or more of the 7 domains of the CAP CBK. A candidate that doesn’t have the required experience to become a CAP may become an Associate of (ISC)² by successfully passing the CAP examination. The Associate of (ISC)² will then have 3 years to earn the 2 year required experience.
2 Days/Lecture & Lab
The CAP is ideal for IT, information security and information assurance practitioners, and contractors who use the Risk Management Framework (RMF). Many who pursue the CAP are: