This course is designed for the information security practitioner who champions system security commensurate with an organization's mission and risk tolerance while meeting legal and regulatory requirements. The Certified Authorization Professional (CAP) certification course conceptually mirrors the National Institute of Standards and Technology (NIST) system authorization process in compliance with the Office of Management and Budget (OMB) Circular A-130, Appendix III.
Gain the skills needed to categorize, implement, authorize, assess, continuously monitor (real-time risk management), and select security controls for information systems that meets federal mandates on requirements and process guidelines.
Background information related to how the federal RMF was developed, the expectations set by Congress and OMB, as well as the manner in which the RMF integrates with other information and business processes.
Learning Objectives
Understanding and conducting the security authorization of information systems
Categorizing different information systems
Establishing the baseline for security control
Applying different security controls
Assessing security controls
Authorizing information systems
Monitoring security controls Understanding and conducting the security authorization of information systems
Categorizing different information systems
Establishing the baseline for security control
Applying different security controls
Assessing security controls
Authorizing information systems
Monitoring security controls.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Risk Management
- Vulnerability Assessment and Management
- Systems Analysis
- Systems Architecture
- Cyber Defense Analysis
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.