As of February 15, 2023, the Certified Authorization Professional (CAP) certification will be changing its name to Certified in Governance, Risk and Compliance (CGRC). The change will only affect the name and the content of the CGRC will remain the same as what was covered by the CAP. In fact, all CAP certificate holders will find their (ISC)2 accounts automatically updated to show they now hold the CGRC.
According to ISC2, this change “better represents the knowledge, skills and abilities required to earn and maintain this certification. The subject matter is broader and more inclusive to frameworks used around the world.”
Certified in Governance, Risk and Compliance (CGRC) cybersecurity professionals are well-versed in the knowledge, skills, and abilities required for personnel involved in the process of authorizing and maintaining information systems within the Risk Management Framework (RMF). Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure those information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.
The CGRC exam format, study material and required domains all will remain the same as the CAP. So, if you are currently studying for your CAP exam...keep going as this change won’t affect your upcoming exam. Your certificate name will be updated automatically on February 15, 2023, to the new version reflecting the (CAP) name change to (CGRC).