25,000+ Courses Nationwide
0345 4506120

Official (ISC)2 Certified Authorization Professional. Incl Exam

The Official(ISC)²® Certified Authorization Professional (CAP®) training provides a comprehensive review of the knowledge required for authorizing and maintaining information systems within the NIST Risk Management Framework. This training course will help students review and refresh their knowledge and identify areas they need to study for the CAP exam.Content aligns with and comprehensively covers the sevendomains of the (ISC)² CAPCommon Body of Knowledge (CBK®).

As an (ISC)2Official Training Provider, we use courseware developed by (ISC)² –creator of the CAPCBK –to ensure your training is relevant and up-to-date. Our instructors are verified security experts who hold the CAPand have completed intensive training to teach(ISC)² content.

Please Note: An exam voucher is included with this course.

Target Audience

This training is ideal for IT, information security and information assurance practitioners and contractors who use the RMF in:The military; Civilian roles, such as federal contractors; Local governments; Private sector organizations.

Select specific date to see price, venue and full details.

Learning Objectives

After completing this course you should be able to:

  • Describe the historical legal and business considerations that required the development of the Risk Management Framework (RMF), including related mandates.
  • Identify key terminology and associated definitions.
  • Describe the RMF components, including the starting point inputs (architectural description and organization inputs.
  • Describe the core roles defined by the RMF, including primary responsibilities and supporting roles for each RMF step.
  • Describe the core federal statutes, OMB directives, information processing standards (FIPS) and Special Publications (SP), and Department of Defense and Intelligence Community instructions that form the legal mandates and supporting guidance required to implement the RMF.
  • Identify and understand the related processes integrated with the RMF.
  • Identify key references related to RMF Step 1 –Categorize Information Systems.
  • Identify key references related to RMF Step 2 –Select Security Controls.
  • Identify key references related to RMF Step 3 –Implement Security Controls.
  • Identify key references related to RMF Step 4 –Assess Security Controls.
  • Identify key references related to RMF Step 5 –Authorize Information System.
  • Identify key references related to RMF Step 6 –Monitor Security Controls.


Attendees should meet the following prerequisites:

  • At least one full year of experience using the federal Risk Management Framework (RMF) or comparable experience gained from the ongoing management of information system authorizations, such as ISO 27001.

Course Content

Domain 1: Information Security Risk Management Program

Domain 2: Categorization of Information Systems (IS)

Domain 3: Selection of Security Controls

Domain 4: Implementation of Security Controls

Domain 5: Assessment of Security Controls

Domain 6: Authorization of Information Systems (IS)

Domain 7: Continuous Monitoring

Exams & Certification

Recommended as preparation for the following exams:

  • (ISC)2 Certified Authorization Professional.

Candidates must have a minimum of 2 years cumulative work experience in 1 or more of the 7 domains of the CAP CBK.

A candidate that doesn’t have the required experience to become a CAP may become an Associate of (ISC)² by successfully passing the CAP examination. The Associate of (ISC)² will then have 3 years to earn the 2-year required experience.

Related Courses

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


We work with the best