CAP Course Overview
This course is designed for the information security practitioner who champions system security commensurate with an organization's mission and risk tolerance, while meeting legal and regulatory requirements. It conceptually mirrors the NIST system authorization process in compliance with the Office of Management and Budget (OMB) Circular A-130, Appendix III. Led by an (ISC)² authorized instructor, the CAP training seminar provides a comprehensive review of information systems security concepts and industry best practices, covering the 7 domains of the CAP CBK:
Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open-ended questions from the instructor to the students, group assignments, matching and poll questions, group activities, open/closed questions, and group discussions. Each activity was developed to support the learning appropriate to the course topic.
This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CAP exam and features:
Who should attend?
The course is intended for students who have at least one full year of experience using the federal Risk Management Framework (RMF) or comparable experience gained from the ongoing management of information system authorizations, such as ISO 27001.
The CAP certification is an objective measure of the knowledge, skills, and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk and damage to assets or individuals. CAP is appropriate for commercial markets, civilian and local governments, and the U.S. Federal government, including the State Department and the Department of Defense (DoD). See CAP and DoD 8570. Job functions such as authorization officials, system owners, information owners, information system security officers, certifiers, and senior system managers are great fits as CAPs.
The ideal candidate should have the following experience, skills, or knowledge in:
After completing this course, the participant will be able to: