O'Reilly logo

Official (ISC)2® Guide to the CAP® CBK®, Second Edition, 2nd Edition by Patrick D. Howard

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6

Information System Authorization

The residual risks identified during the security control assessment are evaluated and the decision is made to authorize the system to operate, deny its operation, or remediate the deficiencies. Associated documentation is prepared and/or updated depending on the authorization decision.
Certified Authorization Professional (CAP®) Candidate Information Bulletin, November 2010

Topics

  • System Authorization Decision Making
  • Essential System Authorization Documentation
  • NIST Guidance on Authorization of Information Systems

Objectives

As a Certified Authorization Professional (CAP®), you are expected to

  • Develop plan of action and milestones (POA&M)
  • Assemble security authorization package
  • Determine risk

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required