(ISC)² CAP® Training Boot Camp

The CAP certification, offered by (ISC)², verifies that a holder has the knowledge and skills to securely create, authorize, and maintain information systems within an organization. It is an especially important certification for those working in security risk management and the Risk Management Framework (RMF). Though it is a relatively new certification, coming on the scene in 2015, it is already well-known and highly regarded across the country.

GRC stands for governance, risk, and compliance. It is an acronym that was developed by the OCEG, originally called the Open Compliance and Ethics Group, and is the integrated capability of an organization to reliably achieve its objectives while addressing uncertainty and acting with integrity at all times.

The job outlook for CAP certification holders is extremely good overall, but some areas, such as Washington D.C. and Virginia, have even more jobs than others. CAP is a certification that is highly recognized by both private and government organizations. The United States federal government and the Department of Defense are among the largest organizations hiring Certified Authorization Professionals currently.

Infosec reported the average salary of CAP certification holders to be $124,610 as of May 2022. This is nearly double early estimates for the certification due to high demand and the advanced security roles that CAP certification holders are able to obtain after earning certification.

Your certification is valid for three years and will need to be renewed at the end of this period. To ensure that your skills remain up to date, you must earn 45 CEUs during each three-year renewal period and pay an annual $125 maintenance fee.

Common positions for CAP certification holders include information security risk manager, IT risk manager, information systems auditor, chief information security officer, information assurance engineer, information systems manager, IT security manager, authorization specialist, security consultant, cybersecurity engineer, and cybersecurity analyst.