Certified Information Security Manager (CISM) Course

    3-day course

    ISACA Certifications

    Upcoming dates

     Aug 14 to Aug 16, 2017

    Course Details

    Certified Information Security Manager (CISM®) Certification

    You will establish processes to ensure that information security measures align with established business needs.

    Certification: CISM

    The CISM exam is offered three times a year (June, September and December) and consists of 200 multiple-choice questions. The CISM exam is focused on the four domains defined by ISACA.

    Upon successful completion of this course, students will be able to:

    • Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.
    • Identify and manage information security risks to achieve business objectives.
    • Create a program to implement the information security strategy.
    • Implement an information security program.
    • Oversee and direct information security activities to execute the information security program.
    • Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents.

    Lesson 1: Information Security Governance

    Topic 1A: Develop an Information Security Strategy
    Topic 1B: Align Information Security Strategy with Corporate Governance
    Topic 1C: Identify Legal and Regulatory Requirements
    Topic 1D: Justify Investment in Information Security
    Topic 1E: Identify Drivers Affecting the Organization
    Topic 1F: Obtain Senior Management Commitment to Information Security
    Topic 1G: Define Roles and Responsibilities for Information Security
    Topic 1H: Establish Reporting and Communication Channels

    Lesson 2: Information Risk Management

    Topic 2A: Implement an Information Risk Assessment Process
    Topic 2B: Determine Information Asset Classification and Ownership
    Topic 2C: Conduct Ongoing Threat and Vulnerability Evaluations
    Topic 2D: Conduct Periodic BIAs
    Topic 2E: Identify and Evaluate Risk Mitigation Strategies
    Topic 2F: Integrate Risk Management into Business Life Cycle Processes
    Topic 2G: Report Changes in Information Risk

    Lesson 3: Information Security Program Development

    Topic 3A: Develop Plans to Implement an Information Security Strategy
    Topic 3B: Security Technologies and Controls
    Topic 3C: Specify Information Security Program Activities
    Topic 3D: Coordinate Information Security Programs with Business Assurance Functions
    Topic 3E: Identify Resources Needed for Information Security Program Implementation
    Topic 3F: Develop Information Security Architectures
    Topic 3G: Develop Information Security Policies
    Topic 3H: Develop Information Security Awareness, Training, and Education Programs
    Topic 3I: Develop Supporting Documentation for Information Security Policies

    Lesson 4: Information Security Program Implementation

    Topic 4A: Integrate Information Security Requirements into Organizational Processes
    Topic 4B: Integrate Information Security Controls into Contracts
    Topic 4C: Create Information Security Program Evaluation Metrics

    Lesson 5: Information Security Program Management

    Topic 5A: Manage Information Security Program Resources
    Topic 5B: Enforce Policy and Standards Compliance
    Topic 5C: Enforce Contractual Information Security Controls
    Topic 5D: Enforce Information Security During Systems Development
    Topic 5E: Maintain Information Security Within an Organization
    Topic 5F: Provide Information Security Advice and Guidance
    Topic 5G: Provide Information Security Awareness and Training
    Topic 5H: Analyze the Effectiveness of Information Security Controls
    Topic 5I: Resolve Noncompliance Issues

    Lesson 6: Incident Management and Response

    Topic 6A: Develop an Information Security Incident Response Plan
    Topic 6B: Establish an Escalation Process
    Topic 6C: Develop a Communication Process
    Topic 6D: Integrate an IRP
    Topic 6E: Develop IRTs
    Topic 6F: Test an IRP
    Topic 6G: Manage Responses to Information Security Incidents
    Topic 6H: Perform an Information Security Incident Investigation
    Topic 6I: Conduct Post-Incident Reviews


    The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, as well as other individuals who want to learn more about information security, who want in-depth knowledge of information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification.

    To ensure your success, we recommend that students taking this course have professional experience in information security in at least one of the following areas:

    • Information security governance
    • Information risk management
    • Information security program development
    • Information security program management
    • Incident management and response
    • Familiarity with TCP/IP
    • Understanding of UNIX, Linux, and Windows.