Top of Page

CAP Training Course Outline

Official (ISC)² CBK Training Seminar for the CAP

The Official (ISC)² Certified Authorization Professional (CAP) Training Seminar provides a comprehensive review of information systems security concepts and industry best practices, covering the seven domains of the CAP Common Body of Knowledge (CBK): 

  1. Information Security Risk Management Program 
  2. Scope of the Information System
  3. Selection and Approval of Security and Privacy Controls
  4. Implementation of Security and Privacy Controls
  5. Assessment/Audit of Security and Privacy Controls
  6. Authorization/Approval of Information System
  7. Continuous Monitoring 

This training course, led by an (ISC)² Authorized Instructor, is structured around the steps of the NIST Risk Management Framework version 2.0, as covered in NIST Special Publication 800-37 Revision 2. The previous version, Revision 1, will be covered throughout the course as it corresponds to the current revision. This course will help students review and refresh their information security knowledge as they pursue the CAP certification.

Who Should Attend

This course is ideal for IT, information security and information assurance practitioners and contractors who use the RMF in federal government, military, civilian roles, local governments and private sector organizations. Roles include:

  • ISSOs, ISSMs and other infosec/information assurance practitioners who are focused on security assessment and authorization (traditional C&A) and continuous monitoring issues
  • Executives who must "sign off" on Authority to Operate (ATO)
  • Inspector generals (IGs) and auditors who perform independent reviews
  • Program managers who develop or maintain IT systems
  • IT professionals interested in improving cybersecurity and learning more about the importance of lifecycle cybersecurity risk management.

Course Agenda

  • Chapter 1: Prepare
  • Chapter 2: Categorize
  • Chapter 3: Select
  • Chapter 4: Implement
  • Chapter 5: Assess
  • Chapter 6: Authorize
  • Chapter 7: Monitor
  • Chapter 8: CAP Certification Information

Note: Throughout this course, exam domains may be covered in several chapters. Included in the course is a table indicating where the exam outline objectives are covered in this course. Unique icons are also used throughout the course materials to identify exam outline objectives.