Certified Authorization Professional
The proven way to build your career and demonstrate your expertise within various risk management frameworks.
CAP shows employers you have the advanced technical skills and knowledge to understand Governance, Risk and Compliance (GRC) and can authorize and maintain information systems utilizing various risk management frameworks, as well as best practices, policies and procedures established by the cybersecurity experts at (ISC)².
The CAP is ideal for IT, information security and information assurance practitioners and contractors seeking to prove their understanding of the RMF. It shows you have the advanced knowledge and technical ability to formalize processes to assess risk and establish security documentation.
CAP Alignment with RMF
CAP Exam Overview
The CAP exam evaluates your expertise across seven domains. (Think of domains as topics you need to master based on your professional experience and education.) Passing the exam proves you have the advanced knowledge to authorize and maintain information systems within the RMF.
To qualify for the CAP, candidates must pass the exam and have at least two years of cumulative, paid work experience in one or more of the seven domains of the (ISC)2 CAP Common Body of Knowledge (CBK®). A candidate who doesn’t yet have the required experience to become a CAP may become an Associate of (ISC)2 after successfully passing the CAP exam.
The Associate of (ISC)² will then have three years to earn the experience needed for CAP certification.
Career options for this course.
Become a Certified Authorization Professional