Certified Information Security Manager

Certified Information Security Manager (4 Days)

Certified Information Security Manager (CISM), is a professional certification for Information Security Management professionals sponsored by ISACA. CISM is a highly-regarded credential in the IT industry. The CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents. ISACA created the CISM to help foster a better fusion between IT auditing and information security perspectives.

Benefits for CISM Certification

The demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area.

CISMs understand the business. They know how to manage and adapt technology to their enterprise and industry.

Focus on IT compliance and the integrity of enterprise systems to establish a more secure enterprise IT framework

Certified Information Security Manager (CISM) Training Outline

Domain 1 – Information Security Governance

  • Introduction to Information Security Governance
  • Effective Information Security Governance
  • Governance and Third Party Relationships
  • Information Security Metrics
  • Information Security Governance Metrics
  • Information Security Strategy
  • Information Security Strategy Development
  • Strategy Resources and Constraints
  • Other Frameworks
  • Compliances
  • Action Plans to Implement Strategy
  • Governance of Enterprise IT

 

Domain 2 – Information Risk Management and Compliance

  • Information Risk Management
  • Task and Knowledge Statements
  • Risk Management Overview
  • Risk Assessment
  • Information Asset Classification
  • Assessment Management
  • Information Resource Valuation
  • Recovery Time Objectives
  • Security Control Baselines
  • Risk Monitoring
  • Training and Awareness
  • Information Risk Management Documentation

 

Domain 3 – Information Security Program Development and Management

  • Task and Knowledge Statements
  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Information Security Program Technology Resources
  • Information Security Program Development
  • Information Security Program Framework
  • Information Security Program Roadmap
  • Enterprise Information Security Architecture (EISA)
  • Security Program Management and Administration
  • Security Program Services and Operational Activities
  • Controls
  • Security Program Metrics and Monitoring
  • Measuring Operational Performance
  • Common Information Security Program Challenges

 

Domain 4 – Information Security Incident Management

  • Task and Knowledge Statements
  • Incident Management Overview
  • Incident Management Procedures
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Business Continuity and Disaster Recovery Procedures
  • Post Incident Activities and Investigation
  • ISACA Code of Professional Ethics
  • Laws and Regulations
  • Policy Versus Law Within an Organization
  • Ethics and the Internet IAB
  • Certified Information Security Manager
  • Certification requirements
  • CISM in the Workplace
  • The CISM Priorities
  • Understand How Questions Are Structured
  • Preparing for the Examination
  • Recommended Reading for the CISM Exam
  • Exam Favorites