How to Get Your CAP Certification

Here are the steps to earn a CAP certification from (ISC)²:

1. Obtain the Required Experience

Candidates must have a minimum of 2 years cumulative paid full-time work experience in 1 or more of the 7 domains of the CAP CBK.  

If you do not have the required experience, you may still sit for the exam and become an Associate of (ISC)² until you have gained the required experience. 

2. Schedule the Exam

3. Pass the Exam

Pass the CAP examination with a scaled score of 700 points or greater.  Read the Exam Scoring FAQs  

4. Complete the Endorsement Process 

Once you are notified that you have successfully passed the examination, you will be required to subscribe to the (ISC)² Code of Ethics and have your application endorsed before the credential can be awarded. An endorsement form for this purpose must be completed and signed by an (ISC)²-certified professional who is an active member, and who is able to attest to your professional experience. With the endorsement time limit, you are required to become certified within 9 months of the date of your exam or become an Associate of (ISC)². If you do not become certified or an Associate of (ISC)² within 9 months of the date of your exam, you will be required to retake the exam in order to become certified. [(ISC)² can act as an endorser for you if you cannot find a certified individual to act as one.] Please refer to the Endorsement Assistance Guidelines for additional information about the endorsement requirements.  

5. Maintain the Certification

Recertification is required every three years, with ongoing requirements to maintain your credentials in good standing. This is primarily accomplished through continuing professional education (CPE) credits. CAPs are required to earn and post a minimum of 20 CPE credits (of the 60 CPE credits required in the three-year certification cycle) and pay the AMF of US$65 during each year of the three-year certification cycle before the member’s certification or recertification annual anniversary date. 

Audit Notice*
Passing candidates will be randomly selected and audited by (ISC)² prior to issuance of any certificate. Multiple certifications may result in a candidate being audited more than once.

Logo CAP
certs chart top