10 weeks
96 Lessons

Course Overview

Official (ISC)²® Training Seminar for the Certified Authorization Professional (CAP®) provides a comprehensive review of the knowledge required for authorizing and maintaining information systems within the NIST Risk Management Framework. This training course will help students review and refresh their knowledge and identify areas they need to study for the CAP exam. Content aligns with and comprehensively covers the seven domains of the (ISC)² CAP Common Body of Knowledge (CBK®).

Official courseware is developed by (ISC)² – creator of the CAP CBK – to ensure your training is relevant and up-to-date. Our instructors are verified security experts who hold the CAP and have completed intensive training to teach (ISC)² content.

Course Domains

  • Domain 1: Information Security Risk Management Program
  • Domain 2: Scope of the Information System 
  • Domain 3: Selection and Approval of Security and Privacy Controls 
  • Domain 4: Implementation of Security and Privacy Controls 
  • Domain 5: Assessment/Audit of Security and Privacy Controls 
  • Domain 6: Authorization/Approval of Information System 
  • Domain 7: Continuous Monitoring

Course Objectives

After completing this course, the student will be able to:

  • Identify and describe the steps and tasks within the NIST Risk Management Framework (RMF).
  • Apply common elements of other risk management frameworks using the RMF as a guide.
  • Describe the roles associated with the RMF and how they are assigned to tasks within the RMF.
  • Execute tasks within the RMF process based on assignment to one or more RMF roles.
  • Explain organizational risk management and how it is supported by the RMF.


  • Instruction from an (ISC)² Authorized Instructor
  • Official (ISC)² Student Training Guide
  • Chapter quizzes
  • Interactive flash cards to reinforce learning
  • 9 example system exercises teaching you how to apply the steps of the Risk Management Framework (RMF)
  • 13 discussions encouraging peer-to-peer interaction around key topics
  • 7 end-of-chapter quizzes with answer explanations to assess comprehension
  • 142-question post-course assessment with answer explanations highlighting areas for further study

Target audiences

  • ISSOs, ISSMs and other infosec/information assurance practitioners who are focused on security assessment and authorization (traditional C&A) and continuous monitoring issues.
  • Executives who must "sign off" on Authority to Operate (ATO).
  • Inspectors general (IGs) and auditors who perform independent reviews.
  • Program managers who develop or maintain IT systems.
  • IT professionals interested in improving cybersecurity and learning more about the importance of lifecycle cybersecurity risk management.

