Overview

This course introduces the Department of Defense (DoD) Risk Management Framework (RMF). It prepares participants to take the CAP Exam, which consists of 125 multiple-choice questions.

Course Content

Course Description

The Certified Authorization Professional (CAP) is an information security practitioner who champions system security commensurate with an organization's mission and risk tolerance, while meeting legal and regulatory requirements. CAP confirms an individual's knowledge, skill, and experience required for authorizing and maintaining information systems within the Risk Management Framework as outlined in NIST SP 800-37 Rev 1. This Certified Authorization Professional (CAP) course introduces the Department of Defense (DoD) Risk Management Framework (RMF). It prepares participants to take the CAP Exam, which consists of 125 multiple-choice questions and covers the following domains:

  1. Risk Management Framework
  2. Categorization of Information Systems
  3. Selection of Security Controls
  4. Security Control Implementation
  5. Security Control Assessment
  6. Information System Authorization
  7. Monitoring of Security Controls

Overall, learners should feel confident in overseeing, evaluating, and supporting the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements. They should also be able to ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Risk management professionals conduct independent, comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).

Recommended Audience

  • Authorizing Official/Designating Representative
  • Security Control Assessor

CAP Certification Overview

The CAP certification covers the RMF at an extensive level, and it is the only certification under the DoD 8570 Mandate that aligns to each of the RMF steps. The CAP shows you have the knowledge, skills, and abilities to authorize and maintain information systems within the RMF. Specifically, it validates that you know how to formalize processes to assess risk and establish security documentation throughout the entire lifecycle of a system. It is recommended that candidates have a minimum of 2 years of cumulative paid full-time work experience.