CAP – Certified Authorization Professional

The Certified Authorization Professional (CAP) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in accordance with legal and regulatory requirements.

The broad spectrum of topics included in the CAP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 7 domains:

• Information Security Risk Management Program
• Categorization of Information Systems (IS)
• Selection of Security Controls
• Implementation of Security Controls
• Assessment of Security Controls
• Authorization of Information Systems (IS)
• Continuous Monitoring

Earning the CAP certification is a proven way to build your career and demonstrate your expertise within the risk management framework (RMF).

CAP is the only certification under the DoD8570 mandate that aligns with each RMF step. It shows employers you have the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies and procedures established by the cybersecurity experts at (ISC)².

CAP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.