Changes in (ISC)2 CAP Certification

Effective from September 1, 2013, the new exam outline of CAP exam will be based on Detailed Content Outline (DOC). ISC2 has changed the seven domains of the exam but the required experience of the professionals remains the same two years. It is advised to the candidates that they must understand each domain and should be able to apply knowledge in each domain. The new CAP domains are:


1. Risk Management Framework.(RMF)

2. Categorization of Information System.

3. Selection of Security Control.

4. Security Control Implementation.

5. Security Control Assessment.

6. Information System Authorization.

7. Monitoring of Security Controls.


For more details, please visit the link given below:


The Certified Authorization Professional (CAP) certification measures the knowledge, skills and abilities that are required of people involved in the process of authorizing and maintaining information systems. This credential is meant for those who has to formalize process used for assessing risk and establishing security requirements and documentation. Their decisions will ensure that information systems are secured to the level that any exposure to potential risk, or damage to assets or individuals, is looked after.

The CAP credential is appropriate for the U.S. Federal government, including the State Department and the Department of Defense (DoD), both the civilian and local governments, and commercial establishments. This credential also applies to job functions such as authorization officials, system owners, information owners, information system security officers, certifiers, and all senior system managers.

uCertify next upgrade for the CAP Prepkit is schedule to be available soon!!