CISM – Certified Information Security Manager

Certified Information Security Manager (CISM) Training Overview

This Certified Information Security Manager (CISM) training course focuses on the construction, development, and governance of information security operations. Possession of this certification displays precise knowledge, practice, and copious amounts of experience in the realm of information security management.  This CISM training course takes into account practical issues, like the creation of information security programs, and incident management, whilst promoting security practices used globally. CISM teaches delegates how to tailor ever-changing technology to their enterprises. This enables the enterprises to emerge as a valuable organisation and may expand their clientele due to their implementation of CISM certified individuals.

The demand for skilled information security management professionals is increasing, hence this CISM certification fulfils business needs. CISM has been accepted as the universal standard to strive towards within the sphere of information security, thus depicting the qualification as a prominent representation of expertise and commitment. This causes CISM holders to be identified as the most certified professionals in the information security realm and means delegates can recognise the link between information security programs and the larger goals of the organisation. Delegates will be provided with everything they need to pass the ISACA exam.

Audience:  Security professionals with at least three years of experience in information security management can join this CISM course to advance their existing knowledge and skills.

Course Prerequisites

Five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas.

CISM Training Outline:

This CISM training course covers the following areas:

Introduction to Certified Information Security Manager (CISM)

• Objectives and Expectations
• What is Information Security?
• The Goals of Information Security
• Principles for Information Security Professionals

Domain 1 – Information Security Governance

• Outline
• Knowledge Statements
• Introduction to Information Security Governance
• Effective Information Security Governance
• Governance and Third Party Relationships
• Information Security Metrics
• Information Security Governance Metrics
• Information Security Strategy
• Information Security Strategy Development
• Strategy Resources and Constraints
• Other Frameworks
• Compliances
• Action Plans to Implement Strategy
• Governance of Enterprise IT

Domain 2 – Information Risk Management and Compliance

• Information Risk Management
• Task and Knowledge Statements
• Risk Management Overview
• Risk Assessment
• Information Asset Classification
• Assessment Management
• Information Resource Valuation
• Recovery Time Objectives
• Security Control Baselines
• Risk Monitoring
• Training and Awareness
• Information Risk Management Documentation

Domain 3 – Information Security Program Development and Management

• Task and Knowledge Statements
• Information Security Program Management Overview
• Information Security Program Objectives
• Information Security Program Concepts
• Information Security Program Technology Resources
• Information Security Program Development
• Information Security Program Framework
• Information Security Program Roadmap
• Enterprise Information Security Architecture (EISA)
• Security Program Management and Administration
• Security Program Services and Operational Activities
• Controls
• Security Program Metrics and Monitoring
• Measuring Operational Performance
• Common Information Security Program Challenges

Domain 4 – Information Security Incident Management

• Task and Knowledge Statements
• Incident Management Overview
• Incident Management Procedures
• Incident Management Resources
• Incident Management Objectives
• Incident Management Metrics and Indicators
• Defining Incident Management Procedures
• Business Continuity and Disaster Recovery Procedures
• Post Incident Activities and Investigation
• ISACA Code of Professional Ethics
• Laws and Regulations
• Policy Versus Law Within an Organization
• Ethics and the Internet IAB
• Certified Information Security Manager
• Certification requirements
• CISM in the Workplace
• The CISM Priorities
• Understand How Questions Are Structured
• Preparing for the Examination
• Recommended Reading for the CISM Exam
• Exam Favourites