The Certified Authorization Professional (CAP) is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance, while meeting legal and regulatory requirements. CAP confirms an individual’s knowledge, skill, and experience required for using various frameworks to manage risk and to authorize and maintain information systems.
The CAP is ideal for IT, information security and cybersecurity practitioners who manage risk in information systems. It is also recommended for any practitioner involved in authorizing and maintaining information systems. Roles include:
Candidates must have a minimum of 2 years’ cumulative work experience in 1 or more of the 7 domains of the CAP Common Body of Knowledge (CBK).
A candidate who doesn’t have the required experience may become an Associate of (ISC)² by successfully passing the CAP examination. The Associate of (ISC)² will then have 3 years to earn the 2 years of required experience.
