Looking to advance your career in information security and risk management? Differentiate yourself to employers and/or clients? The CAP certification helps professionals like you prove their knowledge and ability to authorize and maintain information systems within the RMF. It validates that you know how to formalize processes to assess risk and establish security documentation.
The Certified Authorization Professional (CAP) is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance while meeting legal and regulatory requirements.
CAP confirms an individual’s knowledge, skill, and experience required for authorizing and maintaining information systems within the Risk Management Framework as outlined in NIST SP 800-37 Rev
1. The broad spectrum of topics included in the CAP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 7 domains:
• Risk Management Framework (RMF)
• Categorization of Information Systems
• Selection of Security Controls
• Security Control Implementation
• Security Control Assessment
• Information System Authorization
• Monitoring of Security Controls