CAP - Certified Authorisation Professional
CAP - Certified Authorisation Professional
The (ISC)² Certified Authorisation Professional (CAP®) is an information security practitioner who advocates for security risk management in pursuit of information system authorisation to support an organisation’s mission and operations in accordance with legal and regulatory requirements.
CAP is ideal for risk management practitioners and cybersecurity professionals who understand Governance, Risk and Compliance (GRC) and can authorise and maintain information systems utilising various risk management frameworks.
About the Exam
The broad spectrum of topics included in the CAP Common Body of Knowledge (CBK®) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following seven domains:
- Information Security Risk Management Program
- Scope of the Information System
- Selection and Approval of Security and Privacy Controls
- Implementation of Security and Privacy Controls
- Assessment/Audit of Security and Privacy Controls
- Authorisation/Approval of Information System
- Continuous Monitoring
Pre-requisites
Candidates must have a minimum of two years cumulative work experience in one or more of the seven domains of the CAP CBK.
A candidate that doesn’t have the required experience to become a CAP may become an Associate of (ISC)² by successfully passing the CAP examination. The Associate of (ISC)² will then have three years to earn the two year required experience.
Recommended Training Course
CAP |
Recertification
Once you have passed your CAP exam and are certified, you need to recertify every three years by:
- Earning 20 continuing professional education (CPE) credits each year.
- Paying an Annual Maintenance Fee (AMF).
More Information
Please contact us for more details about this or any of the (ISC)² certifications and training courses.
