• Classroom
  • Online, Instructor-Led
Course Description

Assess, authorize and maintain information systems.

The ISC2 Certified Authorization Professional (CAP) certification is one of the most in-demand and industry-leading cybersecurity certifications. The CAP certification is a proven way to build your career and demonstrate your expertise within the risk management framework (RMF). This course is based on the NIST Risk Management Framework (RMF) as outlined in NIST SP800-37. Students gain the knowledge and skills needed to apply cost-effective and appropriate security controls with a risk-based approach; and prepare for the ISC2 CAP exam.

During this course you will learn how to maintain and authorize information systems within the NIST Risk Management Framework (RMF). Sought after by civilians and state and local governments, as well as system integrators supporting these organizations, you will leave with the knowledge and skills necessary to earn your (ISC)² CAP certification, which verifies your ability to set up the formal processes used to assess risk and establish security requirements.

Learning Objectives

Upon completion of this course, you will be able to:

  • describe the Risk Management Framework (RMF);
  • describe the historical events that led to the development of the RMF;
  • describe RMF-core roles and responsibilities;
  • understand related processes integrated in the RMF;
  • identify key references related to each of the six RMF steps;
  • identify key terminology and associated definitions;
  • describe the Federal laws and OMB directives, NIST FIPS and SPs, and other key instructions, that form the legal mandates and supporting guidance required to implement the RMF; and
  • acquire the relevant knowledge and skills required to pass the CAP certification exam.


Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Risk Management
  • Test and Evaluation