(ISC)² Certified Authorization Professional Certification

(ISC)² Certified Authorization Professional (CAP) Certification

The (ISC)² Certified Authorization Professional certification is an advanced-level certification designed to ensure the skills and knowledge required for IT security professionals to authorize and maintain information systems within the RMF using best practices, policies, and procedures established by the cybersecurity experts at (ISC)².

(ISC)² CAP exam objectives are as follows:

  • Continuous Monitoring (16%)
  • Scope of the Information System (11%)
  • Authorization/Approval of Information System (10%)
  • Information Security Risk Management Program (16%)
  • Implementation of Security and Privacy Controls (16%)
  • Assessment/Audit of Security and Privacy Controls (16%)
  • Selection and Approval of Security and Privacy Controls (15%)

(ISC)² CAP training helps candidates demonstrate technical knowledge, skills, and abilities to effectively apply the Risk Management Framework against globally accepted standards.

Requirements for (ISC)² Certified Authorization Professional Certification

Candidates must pass the exam and have at least two years of cumulative, paid work experience in one or more of the seven domains of the (ISC)² CAP Common Body of Knowledge (CBK).