This CAP Boot Camp prepares individuals for the CAP examination through extensive lecture and drill sessions, reviews of all CAP Domains of knowledge, and practical question and answer scenarios, all through a high-energy seminar approach.

This course is intended for students with Assessment and Authorization experience or knowledge of the NIST SP 800-37, Revision 1, Guide for applying the Risk Management Framework to Federal Information Systems. The ideal candidate should have experience, knowledge or skills in any of the following:

• IT Security
• Information Assurance
• Information Risk Management
• Certification
• Systems Administration
• 1-2 years of general systems technical experience
• 2 years of database/systems development /network experience
• Information Security Policy
• Technical or auditing experience with government, the U.S. Department of Defense, the financial or health care industries, and /or auditing firms
• Strong familiarity with NIST documentation

• Understanding the purpose of Assessment and Authorization
• Defining Systems Authorization
• Describing and deciding when Systems Authorization are employed
• Defining roles and responsibilities
• Understanding the legal and regulatory requirements for A&A
• Initiating the A&A process
• Establishing Authorization Boundaries
• Determining Security Categorization
• Performing initial Risk Assessment
• Selecting and Refining Security Controls
• Documenting Security Control
• Performing Certification Phase
• Assessing Security Control
• Documenting Results
• Conducting final Risk Assessment
• Performing Continuous Monitoring
• Monitoring Security Controls
• Monitoring and Assessing changes that effect the Information System
• Performing Security Impact Assessment as needed
• Documenting and Monitoring results of Impact Assessment
• Reentering A&A process as needed
• Maintaining System's Documentation (e.g. Interconnection Agreements)