Start preparing for your Next Exam | Use coupon – TOGETHER | Avail 30% discount

Associate Protection Professional (APP)

  1. Home
  3. Associate Protection Professional (APP)
Associate Protection Professional (APP) online tutorial

The Associate Protection Professional (APP) certification program was launched by ASIS International in 2019, as part of ASIS International’s ongoing strategy to provide professional development and academic opportunities for professionals at various levels of security management. This certification exam is meant for candidates with 1-3 years of security management experience. Moreover, the exam measures the knowledge of professionals in security management fundamentals, risk management, business operations, and response management.

Eligibility criteria

  • One year – Master’s degree (or international equivalent)
  • Two years – Bachelor’s degree (or international equivalent) 
  • Three years – No higher education degree

Experience required

An individual having been personally engaged in security or loss prevention on a full-time basis, or as a primary duty. Experience that is included is:

  • as a security professional in the protection of assets, in the public or private sector, criminal justice system,  government intelligence, or investigative agencies
  • with companies, associations, government, or other organizations providing services or products, including consulting firms, provided the duties and responsibilities substantively relate to the design, evaluation, and application of systems, programs, or equipment, or development and operation of services, for protection of assets in the private or public sectors.
  • as a full-time educator on the faculty of an accredited educational institution, provided the responsibilities for courses and other duties relate primarily to knowledge areas pertinent to the management and operation of protection of assets programs in the public or private sectors.

Retaking the Exam

You may take the exam up to three times during your two-year eligibility year. There must be 90 days between each attempt. The fee to retake the exam is $225 for CPP, PCI, and PSP. The retake fee for APP is $150. However, if you fail the exam three times in your two-year eligibility period, you must reapply and pay the full fee.

Exam Details

Before jumping into preparation, you ought to be know all the required exam details. This helps you retain updates and provides a far better idea of the way to proceed with the preparation consistent with the sort of questions asked and the time duration. So, we have compiled such important details of the Associate Protection Professional (APP) exam below:

  • Type of questions : Multiple-choice questions
  • No. of questions : 125(100 MCQs+25 unscored questions)
  • Time allotted : 2 hrs

For more details and any queries, visit the Associate Protection Professional (APP) Exam FAQs

Associate Protection Professional (APP) FAQs

Associate Protection Professional (APP) Course Outline

The syllabus for this exam has the following sections and subsections:

DOMAIN 1: SECURITY FUNDAMENTALS (35%)

TASK 1: Implement and coordinate the organization’s security program(s) to guard the organization’s assets

Knowledge of

  • Security theory and terminology
  • Project management techniques
  • Security industry standards
  • Protection techniques and methods
  • Security program and procedures assessment
  • Security principles of planning, organization, and control

TASK 2: Implement methods to enhance the safety program on a continuous basis through the use of auditing, review, and assessment

Knowledge of

  • Data collection and intelligence analysis techniques
  • Continuous assessment and improvement processes
  • Audit and testing techniques

TASK 3: Develop and coordinate external relations programs with public sector law enforcement or other external organizations to fulfill security objectives

Knowledge of

  • Roles and responsibilities of external organizations and agencies
  • Local, national, and international public/private partnerships
  • Methods for creating effective working relationships

TASK 4: Develop, implement, and coordinate employee security awareness programs 

Knowledge of

  • The nature of verbal and non-verbal communication and cultural considerations
  • Security industry standards
  • Training methodologies
  • Communication strategies, techniques, and methods
  • Security awareness program objectives and metrics

TASK 5: Implement and/or coordinate an investigative program

Knowledge of

  • Report preparation for internal purposes and legal proceedings
  • Components of investigative processes 
  • Types of investigations (e.g., incident, misconduct, compliance)
  • Internal and external resources to support investigative functions
TASK 6: Provide coordination, assistance, and evidence such as documentation and testimony to support legal proceedings

Knowledge of

  • Required components of effective documentation (e.g., legal, employee, procedural, policy, compliance)
  • Evidence collection and protection techniques
  • Relevant laws and regulations regarding records management, retention, legal holds, and destruction practices (Note: No country specific laws will be on the APP exam)

TASK 7: Conduct background investigations for hiring, promotion, and/or retention of individuals 

Knowledge of

  • Background investigations and personnel screening techniques
  • Quality and types of information and data sources
  • Criminal, civil, and employment law and procedures

TASK 8: Develop, implement, coordinate, and evaluate policies, procedures, programs, and methods to protect individuals in the workplace against human threats (e.g., harassment, violence)

Knowledge of

  • Principles and techniques of policy and procedure development
  • Protection personnel, technology, and processes
  • Regulations and standards governing or affecting the security industry and the protection of people, property, and information
  • Educational and awareness program design and implementation

TASK 9: Conduct and/or coordinate an executive/personnel protection program

Knowledge of

  • Travel security program components
  • Executive/personnel protection program components
  • Protection personnel, technology, and processes

TASK 10: Develop and/or maintain a physical security program for an organizational asset

Knowledge of

  • Resource management techniques
  • Preventive and corrective maintenance for systems
  • Physical security protection equipment, technology, and personnel
  • Security theory, techniques, and processes
  • Fundamentals of security system design
TASK 11: Recommend, implement, and coordinate physical security controls to mitigate security risks

Knowledge of

  • Risk mitigation techniques (e.g., technology, personnel, process, facility design, infrastructure)
  • Physical security protection equipment, technology, and personnel
  • Security survey techniques

TASK 12: Evaluate and integrate technology into security program to satisfy organizational goals

Knowledge of

  • Surveillance techniques and technology
  • Integration of technology and personnel
  • Plans, drawings, and schematics
  • Information security theory and systems methodology

TASK 13: Coordinate and implement security policies that contribute to an information security program

Knowledge of

  • Practices to protect proprietary information and intellectual property
  • Information protection technology, investigations, and procedures 
  • Security program components (e.g., asset protection, physical security, procedural security, information systems security, employee awareness, and information destruction and recovery capabilities)
  • Information security threats
DOMAIN 2: BUSINESS OPERATIONS (22%)

TASK 1: Propose budgets and implement financial controls to ensure fiscal responsibility

Knowledge of

  • Data analysis techniques and cost-benefit analysis
  • Principles of business management accounting, control, and audits
  • Return on Investment (ROI) analysis
  • Fundamental business finance principles and financial reporting
  • Budget planning process
  • Required components of effective documentation (e.g., budget, balance sheet, vendor work orders, contracts)

TASK 2: Implement security policies, procedures, plans, and directives to achieve organizational objectives

Knowledge of

  • Principles and techniques of policy/procedure development
  • Guidelines for individual and corporate behavior
  • Improvement techniques (e.g., pilot programs, education, and training)
TASK 3: Develop procedures/techniques to measure and improve departmental productivity

Knowledge of

  • Communication strategies, methods, and techniques
  • Techniques for quantifying productivity/metrics/key performance indicators (KPI)
  • Project management fundamentals tools and techniques
  • Principles of performance evaluations, 360 reviews, and coaching
TASK 4: Develop, implement, and coordinate security staffing processes and personnel development programs in order to achieve organizational objectives

Knowledge of

  • Retention strategies and methodologies
  • Job analysis processes
  • Cross-functional collaboration
  • Training strategies, methods, and techniques
  • Talent management and succession planning
  • Selection, evaluation, and interview techniques for staffing
TASK 5: Monitor and ensure a sound ethical culture in accordance with regulatory requirements and organizational objectives

Knowledge of

  • Interpersonal communications and feedback techniques
  • Relevant laws and regulations
  • Governance and compliance standards
  • Generally accepted ethical principles
  • Guidelines for individual and corporate behavior

TASK 6: Provide advice and assistance in developing key performance indicators and negotiate contractual terms for security vendors/suppliers

Knowledge of

  • Confidential information protection techniques and methods
  • Relevant laws and regulations
  • Key concepts in the preparation of requests for proposals and bid reviews/evaluations
  • Service Level Agreements (SLA) definition, measurement, and reporting
  • Contract law, indemnification, and liability insurance principles
  • Monitoring processes to ensure that organizational needs and contractual requirements are being met
  • Vendor qualification and selection process
DOMAIN 3: RISK MANAGEMENT (25%)

TASK 1: Conduct initial and ongoing risk assessment processes

Knowledge of

  • Risk management strategies (e.g., avoid, assume/accept, transfer, mitigate)
  • Business impact analysis methodology
  • Risk management theory and terminology (e.g., threats, likelihood, vulnerability, impact)
TASK 2: Assess and prioritize threats to address potential consequences of incidents

Knowledge of

  • Potential threats to an organization
  • Holistic approach to assessing all-hazard threats
  • Techniques, tools, and resources related to internal and external threats

TASK 3: Prepare, plan and communicate how the organization will identify, classify, and address risks

Knowledge of

  • Risk management compliance testing (e.g., program audit, internal controls, self-assessment)
  • Quantitative and qualitative risk assessments
  • Risk management standards
  • Vulnerability, threat, and impact assessments

TASK 4: Implement and/or coordinate recommended countermeasures for new risk

treatment strategies

Knowledge of

  • Countermeasures
  • Mitigation techniques
  • Cost-benefit analysis methods for risk treatment strategies
TASK 5: Establish a business continuity or continuity of operations plan (COOP)

Knowledge of

  • Business continuity standards
  • Emergency planning techniques
  • Risk analysis
  • Gap analysis

TASK 6: Ensure pre-incident resource planning (e.g., mutual aid agreements, table-top exercises)

Knowledge of

  • Data collection and trend analysis techniques
  • Techniques, tools, and resources related to internal and external threats
  • Quality and types of information and data sources
  • Holistic approach to assessing all-hazard threats
DOMAIN 4: RESPONSE MANAGEMENT (18%)

TASK 1: Respond to and manage an incident using best practices

Knowledge of

  • Primary roles and duties in an incident command structure
  • Emergency operations center (EOC) management principles and practices

TASK 2: Coordinate the recovery and resumption of operations following an incident

Knowledge of

  • Recovery assistance resources
  • Mitigation opportunities during response and recovery processes

TASK 3: Conduct a post-incident review

Knowledge of

  • Mitigation opportunities during response and recovery processes
  • Post-incident review techniques

TASK 4: Implement contingency plans for common types of incidents (e.g., bomb threat, active shooter, natural disasters)

Knowledge of

  • Short- and long-term recovery strategies
  • Incident management systems and protocols
TASK 5: Identity vulnerabilities and coordinate additional countermeasures for an asset in a degraded state following an incident

Knowledge of

  • Triage/prioritization and damage assessment techniques
  • Prevention, intervention, and response tactics
TASK 6: Assess and prioritize threats to mitigate consequences of incidents

Knowledge of

  • Triage/prioritization and damage assessment techniques
  • Resource management techniques

TASK 7: Coordinate and assist with evidence collection for post-incident review (e.g., documentation, testimony)

Knowledge of

  • Communication techniques and notification protocols
  • Communication techniques and protocols of liaison
TASK 8: Coordinate with emergency services during incident response

Knowledge of

  • Emergency operations center (EOC) concepts and design
  • Emergency operations center (EOC) management principles and practices
  • Communication techniques and protocols of liaison

TASK 9: Monitor the response effectiveness to the incident(s)

Knowledge of

  • Post-incident review techniques
  • Incident management systems and protocols

TASK 10: Communicate regular status updates to leadership and other key stakeholders throughout the incident

Knowledge of

  • Communication techniques and protocols of liaison
  • Communication techniques and notification protocols

TASK 11: Monitor and audit the plan of how the organization will respond to incidents

Knowledge of

  • Training and exercise techniques
  • Post-incident review techniques

Associate Protection Professional (APP) Preparation guide

Associate Protection Professional (APP) preparation guide

Familiarize yourself with the syllabus of exam

First of all, you should familiarize yourself with all the topics and subtopics that are there in the Associate Protection Professional (APP) exam syllabus. This will help you gather a fair idea about required learning and will help you distribute your learning preparation. Also, the practical application of what you learn is really important so keep that in mind while studying. So, start your preparation by going through the syllabus thoroughly.

Explore the details of exam

Another aspect to consider before starting is to know all about the exam pattern, including details about the sort and number of questions and the time allotted. This will help you strategize your learning technique and will also help you manage your time while doing the exam.

Study resources

  • The APP Study Manual by ASIS explores the four domains of the APP and their tasks, explains key concepts and terms, and also presents information about studying for the exam.
  • Flash Cards are a comprehensive tool to help you identify key terms, understand critical concepts, and recall facts. Available in print or digital.
  • ASIS also offers certification review courses so as to help you study for your exam.
  • The publications listed below comprise the recommended APP reference materials. Moreover, it offers the following individually or in bundles.
  • Five Standards
    • Physical Asset Protection Standard
    • Security and Resilience in Organizations and their​ Supply Chains – Requirements with Guidance
    • Investigations
    • Workplace Violence Prevention and Intervention Standard
    • Risk Assessment
  • Protection of Assets Volumes
    • Protection of Security Management
    • Assets: Crisis Management
    • Protection of Assets: Business Principles

Join online communities

Joining study groups and communities can also prove to be of great help. This acts as a platform that connects professionals and beginners, which helps you get your queries solved and gives you the opportunity to have healthy discussions with peers from the same background. Hence, joining these groups helps to keep you updated.

Practice tests

  • The last and the most important step of preparation is practicing questions. This has dual benefits as it helps you not only evaluate your level of preparation but also helps you boost your confidence by attempting challenging questions.
  • The practice tests that Testpreptraining.com offers are definitely reliable and enough to practice in order to ace the exam.
  • We provide unique sets of questions that are designed by professionals for you to practice and sweep smoothly.
Associate Protection Professional (APP) practice tests

Menu