Course

Course Summary
Credit Type:
Exam
ACE ID:
ISCT-0010
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Upper-Division Baccalaureate 3 Cybersecurity Risk Management, Information Risk Assessment, or Principles Of Information Systems and Security Controls
Description

Objective:

CAP is a fixed length computer based examination and is offered through Pearson VUE Testing Centers throughout the world. While taking the test, every candidate responds to 125 items on the exam. The majority of questions are four-option multiple-choice items with one correct key. However, some advanced items such as drag-and-drop, hot spot, scenario-based questions, matching items etc. are included in the test. At the end of the exam administration, candidates receive their pass/fail decision. Failing candidates receive feedback on their exam performance by domains; however, candidates who pass the exam only receive their congratulatory letter describing their next step in acquiring the credential. The Certified Authorization Professional (CAP) credential provides confirmation of a practitioner's ability to advocate for security risk management in pursuit of information system authorization to support an organization's mission and operations in accordance with legal and regulatory requirements.Candidates must score 700 out of 1000 points on the scaled score to pass the exam. Since the cut-score of each exam form could be different, the raw cut-score is converted into 700 scaled score so that score reporting is consistent. Equating is conducted among the forms to make sure that each exam form is equitable on the difficulty of each exam form administered.

Skills Measured:

The CAP examination requires candidates to demonstrate the following knowledge, skills and abilities: information security risk management program (15 percent); categorization of Information Systems (IS) (13 percent); selection of security controls (13 percent); implementation of security controls (15 percent); assessment of security controls (14 percent); authorization of Information Systems (IS) (14 percent); and continuous monitoring (16 percent).
Instruction & Assessment
Supplemental Materials