The Certified Authorization Professional (CAP) training from InfosecTrain focuses at imparting knowledge and skills to professionals for maintaining and authorizing information system. This leading information security certification proves you’re an expert aligning information systems with the Risk Management Framework (RMF).

This certification is important to those in control for establishing security requirements and documentation along with formalizing risk assessment processes of an information security system. Specifically, it validates that you know how to formalize processes to assess risk and establish security documentation throughout the entire lifecycle of a system.

This course is ideal for authorization officials, information security professionals, information owners and senior system managers

Advantages of CAP Certification

Upon course completion, you will accomplish:

  • Assessing security controls
  • Authorizing information systems
  • Monitoring security controls
  • Understanding and conducting the security authorization of information systems
  • Categorizing different information systems
  • Establishing the baseline for security control
  • Applying different security controls

Target Audience

This CAP training is suitable for experienced IT personnel who are involved with:

  • ISSOs, ISSMs and other infosec/information assurance practitioners who are focused on security assessment and authorization (traditional C&A) and continuous monitoring issues.
  • Executives who must “sign off” on Authority to Operate (ATO).
  • Inspector generals (IGs) and auditors who perform independent reviews.
  • Program managers who develop or maintain IT systems.
  • IT professionals interested in improving cybersecurity and learning more about the importance of lifecycle cybersecurity risk management.


Valid experience includes information systems security-related work performed, or work that requires information security knowledge and involves direct application of that knowledge. For the CAP certification, a candidate is required to have a minimum of 2 years of cumulative paid full-time work experience in 1 or more of the 7 domains of the CAP CBK.


  • CAP® is a registered mark of The International Information Systems Security Certification Consortium ((ISC)2).
  • We are not authorised training partner of (ISC)2.