• duration
    5 days
  • Course Code

CAP – Security Assessment and Authorization Certification

(ISC)² Official CAP Certification Training

Our Official (ISC)² CAP Certification Boot Camp is a comprehensive review of various risk management frameworks & industry best practices merged with Training Camp’s award-winning comprehensive exam preparation for Certified Authorization Professional exam.

Our CAP Boot Camp represents the culmination of hundreds of hours of instructional design, thousands of hours of exam-focused instruction, and tens of thousands of efficiently and effectively skilled, certified students.

CAP Students Love our Award-Winning Live, Online Platform

From the comfort of your home or office, Training Camp’s live, online virtual classroom platform lets you enjoy the same quality training experience as our in-person courses. We boast one of the industry’s most robust live, online schedules with classes guaranteed-to-run almost every week.

Why Choose Training Camp, (ISC)²’s CAP Partner of the Year?

We offer your best chance to get certified. Period. Training Camp became (ISC)²’s first and only “Boot Camp” partner in 2003. Since then, we have won more awards and certified more CISSPs & CAPs than any other company, worldwide.

Need dedicated RMF training for your team?

Our CAP Certification Course can be delivered to your site or live online in a private-group setting, customized to meet your organization’s learning objectives. Save up to 40% and your satisfaction is GUARANTEED!

Click to learn more about group CAP training.

Official (ISC)² CCAP Training Provider Exclusive Features

(ISC)² Official CAP Courseware
(ISC)² CAP Exam Voucher ($599 Value)
(ISC)² Authorized CAP Instructor
(ISC)² Official Practice Test Questions

Training Camp Exclusive Features

(ISC)² CAP Exam Pass Guarantee
(ISC)² Approved CAP Exam Review Guide
(ISC)² CAP Exam Review Sessions
Live Online Post Class Review Sessions
(ISC)² CAP Exam Delivery Support
CPE/CEU Post Class Package


Our Certified Authorization Professional program also provides a detailed overview of primary and support NIST (and other organizational) governance.

This ensures our students are fully prepared for the CAP exam & can leave the course with a strong understanding of why NIST governance is critical to understanding the RMF process and grasp how to integrate the framework into almost every aspect of their roles as cybersecurity and/or risk professionals in their work environments.

(ISC)² Official CAP Certification Training, As Featured On

training features








(ISC)² CAP Certification Training Boot Camp

Training Camp became (ISC)²’s first and only “Boot Camp” partner in 2003. Since then, we have won more awards and certified more Certified Authorization Professionals than any other company, worldwide. As (ISC)² Partner of the Year for the last 3 years, our track record of expertise in delivering information security certification training across their full portfolio of certifications is unmatched.


    We utilize Authorized (ISC)² instructors who are Subject Matter Experts well-versed in accelerated learning and exam preparation during our CAP boot camp. Their delivery accommodates every student's learning needs through individualized instruction, lab partner and group exercises, independent study, self-testing, and question/answer drills.

  • Customized 100% Updated Exam Prep Study Guide

    Covering the CAP’s 7 domains, this comprehensive guide book helps to demonstrate concepts, frameworks and real-life scenarios. Mixed with Training Camp's award winning best practices and exam prep techniques, this feature has been used by the world's most experienced practitioners for CAP certification success.

  • Evening Review & Official (ISC)² Practice Exam

    Our course includes value-added evening review sessions covering 100% up-to-date practice exams on the lastest version of the (ISC)² CAP exam. These practice exams are only offering with Official (ISC)² training and representative of the actual exam questions from (ISC)².

  • Training Camp Pre-Class/Pre-Exam Prep Support

    Our (ISC)² Official exam support team will help get ready for the our CAP certification training. From exam registration, to understand all the steps needed for certification, they will answer any questions you make have to make sure you are building momentum towards CAP certification success.

  • (ISC)² Exam Voucher Disclaimer/Warning

    (ISC)² and (ISC)² Official Training Providers are the only authorized organizations with the ability to offer exam vouchers for (ISC)² certification exams. Be wary of "unofficial" providers who offer exam vouchers for (ISC)² testing. Since this is the published policy of Pearson Vue and (ISC)², accepting these unapproved purchased exam vouchers can be a violation of (ISC)² Code Of Ethics.

  • Exam Pass Guarantee

    When you decide to take one of our courses, you are placing trust in us. Our Exam Pass Guarantee was designed to help you reach your goal to pass the certification exam. If you do not pass the certification exam, you may retake this program live or online and/or enroll in our mentoring program at no additional cost.

CAP Certification Boot Camp Outline

The Official (ISC)² courseware covers a broad spectrum of topics in the 7 domains of the CAP Common Body of Knowledge (CBK). With Training Camp’s exam prep guide your course content will always be up-to-date with the most current version of the exam. This mix of courseware offers an in-depth review of the CBK as needed, and offers the advantage of Training Camp exam performance boosters.

CAP Domain 1: Information Security Risk Management Program

-Understand the Foundation of an Organization-Wide Information Security Risk Management Program
-Understand Risk Management Program Processes
-Understand Regulatory and Legal Requirements

CAP Domain 2: Categorization of Information Systems (IS)

-Define the Information System (IS)
-Determine Categorization of the Information System (IS)

CAP Domain 3: Selection of Security Controls

-Identify and Document Baseline and Inherited Controls
-Select and Tailor Security Controls
-Develop Security Control Monitoring Strategy
-Review and Approve Security Plan (SP)

CAP Domain 4: Implementation of Security Controls

-Implement Selected Security Controls
-Document Security Control Implementation

CAP Domain 5: Assessment of Security Controls

-Prepare for Security Control Assessment (SCA)
-Conduct Security Control Assessment (SCA)
-Prepare Initial Security Assessment Report (SAR)
-Review Interim Security Assessment Report (SAR) and Perform Initial Remediation Actions
-Develop Final Security Assessment Report (SAR) and Optional Addendum

CAP Domain 6: Authorization of Information Systems (IS)

-Develop Plan of Action and Milestones (POAM)
-Assemble Security Authorization Package
-Determine Information System (IS) Risk
-Make Security Authorization Decision

CAP Domain 7: Continuous Monitoring

-Determine Security Impact of Changes to Information Systems (IS) and Environment
-Perform Ongoing Security Control Assessments (SCA)
-Conduct Ongoing Remediation Actions (e.g., resulting from incidents, vulnerability scans, audits, vendor updates)
-Update Documentation
-Perform Periodic Security Status Reporting
-Perform Ongoing Information System (IS) Risk Acceptance
-Decommission Information System (IS)

NIST/Governance Overview

NIST SP 800-37 rev 1/800-53 rev 4/800-53A rev 4
FIPS 199/200
CNSSI 1253
NIST SP 800-30/800-39/800-60/800-64/800-115/800-137
OMB A-123/A-130

As an (ISC)² Preferred Official Training Provider, Training Camp offers CPE units for our (ISC)² class alumni that can be used for a wide range of CEU and CPE requirements.

Is the CAP certification right for me?

This CAP course assumes that a student has the basic knowledge of NIST governance since the exam requires at least two years of experience working with risk and the concentrations surrounding the domains of the RMF. To qualify for this cybersecurity certification, you must pass the exam and have at least two years of cumulative, paid work experience in one or more of the seven domains of the (ISC)² CAP Common Body of Knowledge (CBK).

Many students may have some of this understanding, but the cybersecurity and risk professions are so diverse that understanding all of the areas surrounding the RMF is simply not realistic — especially given that the (ISC)2 CAP exam focuses significantly on several primary NIST governance areas. This is why our course provides added sections to strengthen this knowledge.

Interested in CAP certification or RMF training for your team? Learn more about Training Camp Enterprise Solutions.

(ISC)² CAP Exam Details

Duration – 180 mins
Number of Questions: 125
Passing Score: 700/1000

(ISC)² CAP Recertification

CAP recertification is required every three years. This is accomplished by earning a minimum of 60 Continuing Professional Education (CPE) credits and paying an Annual Maintenance Fee (AMF).

(ISC)² CAP Exam Voucher Policy

Unofficial training providers may say they include the exam voucher, but this is neither true nor ethical. (ISC)² and (ISC)² Official Training Providers, such as Training Camp are the only authorized organizations with the ability to offer vouchers for our exams. Unauthorized companies do not have the access required to purchase CAP exam vouchers. An authorized organization will never ask for a candidate’s Pearson VUE credentials.

Make sure you or your employees do not provide them to an unauthorized company. This puts them at risk and violates the terms of the (ISC)² Non Disclosure Agreement, which could result in losing their (ISC)² certification, being suspended indefinitely from retaking the exam, and losing money you’ve paid for the exam. This warning is shown clearly when enrolling for any CAP exam date. By going through official channels for exam vouchers, they – and your organization – eliminate these risks

  • View CAP Bootcamp Pricing/Schedule

    Check out dates and locations for award winning (ISC)² Official CAP Boot Camp


    Group custom event options for (ISC)² Official CAP certification.

    Learn More
  • Register for CAP Training Camp

    Enroll now and start your learning adventure in our CAP training

    Start Now


The instructor greatly exceeded my expectations. Very detailed and explained the material in a clear way for me to actually grasp and understand the course.
Tyrel T
The instructors are versed in the material and give real world examples. They encourage participation and are happy when everyone is able to add to the discussion.
Victor Garza State University
The training camp was awesome. The instructor was very organized and did an outstanding job teaching the material. Would highly recommend this boot camp to anyone wanting to increase their chances of passing ISC2 exams.
Steven Alvarado
CISSP instructor Ross Everett-knowledgeable, thorough and very easily understood. The location of class room was great in the metro D.C. Area. Hotel package was a fantastic deal. Going to return for cloud certs in no time.
Jia Hedman Leidos
Training Camp absolutely nailed the teaching method for passing the certification exam.
Maria O
Training Camp is an incredible organization with dedicated professional instructors who ensure the class is engaged in the learning experience. The venue is perfect and the staff provide excellent care of their customers during the training period.
Dr. Nancy Landreville NML Computer Consulting Company Corp
I would highly recommend using Training Camp for this type of training but be prepared to work hard and do your prep work before the training because it is a very hard exam with a very wide area of knowledge being tested.
MT AutoVin Inc
01 07