Skip to main content

Certified Authorization Professional (CAP) Certification and Training

Code: 2061 Category: Tag:

This official (ISC)2® Certified Authorization Professional (CAP) course prepares you for the CAP exam.

The Certified Authorization Professional (CAP®) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in accordance with legal and regulatory requirements.

CAP Training Delivery Methods

In-Person

Online

CAP Training Course Information

In this CAP Training course, you will learn how to:

Information Security Risk Management Program
Scope of the Information System
Selection and Approval of Security and Privacy Controls
Implementation of Security and Privacy Controls
Assessment/Audit of Security and Privacy Controls
Authorization/Approval of Information System
Continuous Monitoring

CAP Training Course Prerequisites

To qualify for the CAP certification, you must have a minimum of two years of cumulative, paid, full-time work experience in one or more of the seven domains of the CAP Common Body of Knowledge (CBK)

CAP Training Course Exam Information

To maintain certification, you must:

Earn and post a minimum of 20 (ISC)2 CPE credits per year
Comply with (ISC)2’s Code of Professional Ethics

As one of only 12 (ISC)2 CPE submitters worldwide, 4thdacad can submit courses on your behalf to (ISC)2 for CPE credit. (ISC)2 members can earn Group A credits for attending any of our cybersecurity courses and Group B General Education credits for any other 4thdacad course they attend.

Or (ISC)2 members can submit CPE credits directly to the CPE portal in the Members section of the (ISC)2 website.

CAP Certification Course Outline
Domain 1: Information Security Risk Management Program

1.1 Understand the foundation of an organization’s information security risk management program » Principles of information security

Risk management frameworks (e.g., National Institute of Standards and Technology (NIST), cyber security framework, Control Objectives for Information and Related Technology (COBIT), International Organization for Standardization (ISO) 27001, International Organization for Standardization (ISO) 31000)
System Development Life Cycle (SDLC)
Information system boundary requirements
Security controls and practices
Roles and responsibilities in the authorization/approval process

1.2 Understand risk management program processes

Select program management controls
Privacy requirements
Determine third-party hosted information systems
Understand regulatory and legal requirements
Familiarize with governmental, organizational, and international regulatory security and privacy requirements (e.g., International Organization for Standardization (ISO) 27001, Federal Information Security Modernization Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA))
Familiarize with other applicable security-related mandates
Domain 2: Scope of the Information System
Domain 3: Selection and Approval of Security and Privacy Controls
Domain 4: Implementation of Security and Privacy Controls
Domain 5: Assessment/Audit of Security and Privacy Controls
Domain 6: Authorization/Approval of Information System
Domain 7: Continuous Monitoring

Request Quotes

Register now

InDesign Fundamentals: An Introduction to InDesign CC Training

Digital Media Forensics Essentials Labs

Configuring BGP on Cisco Routers (BGP)

Professional Services Professional: Commercial Rainmaker Training

SecDevOps Practitioner® (SDOP) Certification Training

SAFe® Scrum Master (SSM Certification)

Chef Foundations Training

.NET Best Practices and Design Patterns Training

Model Based System Engineering with SysML

Cisco Software-Defined Access Implementation and Troubleshooting (SDAIT)

arالعربية