Certified Authorization Professional/Risk Management Framework

The CAP certification ensures that information security specialists can demonstrate knowledge of the 7 domains of CAP and the 6 steps of RMF. The Risk Management Framework (RMF) and Certified Authorization Professional (CAP) courses can be bundled as one or taught individually. RMF is a set of standards and policies developed by the National Institute of Standards and Technology (NIST). RMF is followed by the entire federal government and its independent contractors to maintain compliance with the legal practice of authorization and maintenance.


  • Extensive experience in any of the following:
    • IT Security
    • Information Risk Management
    • Systems Administration

Experience Requirements

  • Minimum of two years of cumulative paid work experience in one or more of the seven domains of the CAP Common Body of Knowledge (CBK).

Learning Objectives

  • Understanding of security laws, regulations, and policies
  • Understanding of the 6 steps of Risk Management Framework:
    • Categorizing Systems
    • Selecting Controls
    • Implementing Controls
    • Assessing Controls
    • Authorizing Controls
    • Monitoring Controls
  • Understanding of the 7 domains of CAP:
    • Risk Management Framework (RMF)
    • Categorization of Information Systems
    • Selection of Security Controls
    • Security Control Implementation
    • Security Control Assessment
    • Information System Authorization
    • Monitoring of Security Controls

Training Dates

Cybersecurity Training Center offers flexible training dates to fit your schedule. You can contact us through email, chat, or by phone to set up a date and time to attend the lessons and take your examination.