• Online, Instructor-Led
  • Online, Self-Paced
  • Classroom
Course Description

This course is designed for the information security practitioner who champions system security commensurate with an organization's mission and risk tolerance while meeting legal and regulatory requirements. The Certified Authorization Professional (CAP) certification course conceptually mirrors the National Institute of Standards and Technology (NIST) system authorization process in compliance with the Office of Management and Budget (OMB) Circular A-130, Appendix III.
Gain the skills needed to categorize, implement, authorize, assess, continuously monitor (real-time risk management), and select security controls for information systems that meets federal mandates on requirements and process guidelines.
Background information related to how the federal RMF was developed, the expectations set by Congress and OMB, as well as the manner in which the RMF integrates with other information and business processes.

Learning Objectives

Understanding and conducting the security authorization of information systems
Categorizing different information systems
Establishing the baseline for security control
Applying different security controls
Assessing security controls
Authorizing information systems
Monitoring security controls Understanding and conducting the security authorization of information systems
Categorizing different information systems
Establishing the baseline for security control
Applying different security controls
Assessing security controls
Authorizing information systems
Monitoring security controls.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Vulnerability Assessment and Management
  • Systems Analysis
  • Systems Architecture
  • Cyber Defense Analysis