The heart of cybersecurity is Risk Management. The Certified Authorization Professional (CAP®) is an ISC2 certification. It demonstrates the professional's skill and expertise within the Risk Management Framework (RMF) as defined by the National Institute of Standards and Technology (NIST). The CAP® is the only certification under the DoD8570 mandate that aligns with each RMF step. It shows employers you have the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies and procedures established by the cybersecurity experts at (ISC)².
Define and implement a Risk Management Framework (RMF) Select, tailor and document security controls Prepare for security control assessment Perform ongoing security control assessments