Become a CAP – Certified Authorization Professional

Earning the CAP certification is a proven way to build your career and demonstrate your expertise within the risk management framework (RMF). 

The CAP is the only certification under the DoD8570 mandate that aligns with each RMF step. It shows employers you have the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies and procedures established by the cybersecurity experts at (ISC)². 

Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey.

About CAP

The Certified Authorization Professional (CAP) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in accordance with legal and regulatory requirements.

The broad spectrum of topics included in the CAP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 7 domains:

  • Information Security Risk Management Program
  • Categorization of Information Systems (IS)
  • Selection of Security Controls
  • Implementation of Security Controls
  • Assessment of Security Controls
  • Authorization of Information Systems (IS)
  • Continuous Monitoring

Experience Requirements

Candidates must have a minimum of 2 years cumulative work experience in 1 or more of the 7 domains of the CAP CBK.

A candidate that doesn’t have the required experience to become a CAP may become an Associate of (ISC)2 by successfully passing the CAP examination. The Associate of (ISC)2 will then have 3 years to earn the 2 year required experience.


CAP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.

CAP Examination Information

  • Length of exam: 3 hours
  • Number of questions: 125
  • Question format: Multiple choice