An information security certification aligning with the Risk Management Framework (RMF). The CAP recognizes your knowledge, skills, and abilities to authorize and maintain information systems within the RMF. It proves you know how to formalize processes to assess risk and establish security documentation.
IT, information security and information assurance practitioners and contractors who use the RMF in:
- The U.S. federal government, such as the U.S. Department of State or the Department of Defense
- The military
- Civilian roles, such as federal contractors
- Local governments
- Private sector organizations
Why Pursue It
- Credibility and marketability. Earning the CAP is a powerful way to validate your knowledge. You’ll stand out and be more competitive.
- Better opportunities. Holding the CAP certification makes you more versatile. It can help you move up and advance your career. And if you’re a contractor, it can lead to better choices in assignments.
- Growth and learning. From exam prep to continuing education, the CAP offers many ways to expand your knowledge. You can stay up-to-date with new technologies and risks.
- Candidates must have a minimum of two years cumulative, paid, full-time work experience in one or more of the seven domains of the CAP Common Body of Knowledge (CBK)
- A candidate who doesn’t have the required experience to become a CAP may become an Associate of (ISC)² by successfully passing the CAP examination. The Associate of (ISC)² will then have three years to earn the two-year required experience
- Part-time work and internships may also count towards your experience
Valid experience includes information systems security-related work performed in pursuit of information system authorization, or work that requires security risk management knowledge and involves direct application of that knowledge.
Experience must fall within one or more of the seven domains of the (ISC)² CAP CBK:
- Domain 1. Risk Management Framework (RMF)
- Domain 2. Categorization of Information Systems
- Domain 3. Selection of Security Controls
- Domain 4. Security Control Implementation
- Domain 5. Security Control Assessment
- Domain 6. Information System Authorization
- Domain 7. Monitoring of Security Controls
- Your work experience is accrued monthly
- Thus, you must have worked a minimum of 35 hours/week for four weeks in order to accrue one month of work experience
Get ready for your CAP Exam with us
We are an (ISC)² official training provider.
What to Expect
- Five days of training in a classroom setting or five days of remote training
- Expert, in-person instruction from an (ISC)²-Authorized Instructor
- Useful collaboration with classmates
- Real-world scenarios and case studies
- Interactive and engaging learning activities to improve collaboration and ensure concepts stick
- Up-to-date, official (ISC)² courseware
- You can attend your course from the office or at home
- You will get Interactive support from experienced trainers
- This training is simple to set up and easy to use on any device
- Our remote training works by connecting all the users to an (ISC)²-Authorized Instructor
- You will be able to hear the instructor, communicate any issues and talk to the other members of the class
- You will learn through real-world scenarios and case studies
- Official (ISC)² CAP CBK Training Seminar Student Handbook
- We will help you to buy your exam voucher (at Pearson Vue) with a 3% discount we have
- Payment plans are available
- We have the best payment plan options letting you pay your CAP training without affecting your budget
- If you want to use a payment plan, contact firstname.lastname@example.org
Schedule your CAP Remote Training