This course covers the first three steps of the Risk Management Framework (RMF). These are generally tasks assigned to the Information System Owner (ISO) and the staff that supports the development of the information system. In the FedRAMP program, these tasks are covered in Step 1 of the FedRAMP Security Assessment and Authorization Process.
The Certified Authorization Professional (CAP) is an information security practitioner who champions system security commensurate with an organization’s mission and risk tolerance while meeting legal and regulatory requirements. CAP confirms an individual’s knowledge, skill, and experience required for authorizing and maintaining information systems within the Risk Management Framework as outlined in NIST SP 800-37 Rev Read More