CISM: Certified Information Security Manager

This Official ISACA Certified Information Security Manager (CISM) training course focuses on the construction, development, and governance of information security operations. Possession of this certification displays precise knowledge, practice, and copious amounts of experience in the realm of information security management. This CISM training course takes into account practical issues, like the creation of information security programs, and incident management, whilst promoting security practices used globally. CISM teaches delegates how to tailor ever-changing technology to their enterprises. This enables the enterprises to emerge as a valuable organisation and may expand their clientele due to their implementation of CISM certified individuals.

Audience

CISM certification is a globally recognised professional requirement in the IT Security domain. This certification is best suited for:

• Security consultants and managers
• IT directors and managers
• Security auditors and architects
• Security systems engineers
• Chief Information Security Officers (CISOs)
• Information security managers
• IS/IT consultants
• Chief Compliance/Privacy/Risk Officers

The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.

Prerequisites

There are no prerequisites to attend this course.
However, to get the CISM certification you need to:

• Pass the CISM examination
• Submit an application for CISM certification
• Pay a $50 application fee directly to ISACA
• Adhere to the Code of Professional Ethics
• Dedicate to the Continuing Professional Education Program
• Compliance with the Information Security Standards
• A minimum of 5 years of professional information systems auditing, control or security work experience is required for the CISM certification

The examination is open to all individuals who have an interest in information security. 

Please read detailed information about the CISM certification

Learning Outcomes

This CISM course will give you the requisite skillsets to design, deploy and manage security architecture for your organisation. The course is aligned with ISACA best practices and is designed to help you pass the CISM exam on your first attempt. Enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification, and it is considered essential to ongoing education and career development. This course will see that you are well-equipped to manage the ongoing security, compliance and governance of your IT organisation.

The CISM Domains Weight:

Domain 1: Information Security Governance (17%)
Domain 2: Information Risk Management (20%)
Domain 3: Information Security Program Development and Management (33%)
Domain 4: Information Security Incident Management (30%)

Course Outline

This CISM training course covers the following areas:

• Introduction to Certified Information Security Manager (CISM)
• Objectives and Expectations
• What is Information Security?
• The Goals of Information Security
• Principles for Information Security Professionals

 

Domain 1 – Information Security Governance

Introduction to Information Security Governance
Effective Information Security Governance
Governance and Third Party Relationships
Information Security Metrics
Information Security Governance Metrics
Information Security Strategy
Information Security Strategy Development
Strategy Resources and Constraints
Other Frameworks
Compliances
Action Plans to Implement Strategy
Governance of Enterprise IT

Domain 2 – Information Risk Management and Compliance

Information Risk Management
Risk Management Overview
Risk Assessment
Information Asset Classification
Assessment Management
Information Resource Valuation
Recovery Time Objectives
Security Control Baselines
Risk Monitoring
Training and Awareness
Information Risk Management Documentation

Domain 3 – Information Security Program Development and Management

Information Security Program Management Overview
Information Security Program Objectives
Information Security Program Concepts
Information Security Program Technology Resources
Information Security Program Development
Information Security Program Framework
Information Security Program Roadmap
Enterprise Information Security Architecture (EISA)
Security Program Management and Administration
Security Program Services and Operational Activities
Controls
Security Program Metrics and Monitoring
Measuring Operational Performance
Common Information Security Program Challenges

Domain 4 – Information Security Incident Management

Incident Management Overview
Incident Management Procedures
Incident Management Resources
Incident Management Objectives
Incident Management Metrics and Indicators
Defining Incident Management Procedures
Business Continuity and Disaster Recovery Procedures
Post Incident Activities and Investigation
ISACA Code of Professional Ethics
Laws and Regulations
Policy Versus Law Within an Organisation
Ethics and the Internet IAB
Certified Information Security Manager

Certification

This course will help you prepare for ISACA’s Certified Information Security Manager (CISM) certification, and you will receive the following when booking this course:

• ISACA CISM Exam Prep Tool
• ISACA CISM Exam Voucher

IMPORTANT NOTE! Exam must be taken online

• This exam is sat separately from the course.
• Delegates must book the exam directly from ISACA using their exam voucher. Read more about CISM exam and certification 
• At present the CISM exam must be taken as online exam, as there is no onsite exam possibilities in Norway. 

Other relevant courses