CISM Information Security Manager

Certified Information Security Manager (CISM) Preparation Training – ISACA

Credential to be awarded: Certificate of Completion

Total Hours: 40
ALL Included: Fees, Itemized: Course book $225; Optional ISACA Certification Voucher $595

Total tuition & fees: $4100

Course Description

The intended audience for this certification preparation program is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, as well as other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. The Certified Information Security Manager (CISM) is a top credential for IT professionals responsible for managing, developing and overseeing information security systems in enterprise-level applications, or for developing best organizational security practices. Employment opportunities in this field include Information Security Officer, Security Consultant, Security Manager, and Chief Security Officer.

Day 1: Information Security Governance 

  • Topic A: Develop an Information Security Strategy
  • Topic B: Align Information Security Strategy with Corporate Governance
  • Topic C: Identify Legal and Regulatory Requirements
  • Topic D: Justify Investment in Information Security
  • Topic E: Identify Drivers Affecting the Organization
  • Topic F: Obtain Senior Management Commitment to Information Security
  • Topic G: Define Roles and Responsibilities for Information Security
  • Topic H: Establish Reporting and Communication Channels

Day 2: Information Risk Management 

  • Topic A: Implement an Information Risk Assessment Process
  • Topic B: Determine Information Asset Classification and Ownership
  • Topic C: Conduct Ongoing Threat and Vulnerability Evaluations
  • Topic D: Conduct Periodic BIAs
  • Topic E: Identify and Evaluate Risk Mitigation Strategies
  • Topic F: Integrate Risk Management into Business Life Cycle Processes
  • Topic G: Report Changes in Information Risk

Day 3: Information Security Program Development, and Information Security Program Implementation 

  • Topic A: Develop Plans to Implement an Information Security Strategy
  • Topic B: Security Technologies and Controls
  • Topic C: Specify Information Security Program Activities
  • Topic D: Coordinate Information Security Programs with Business Assurance Functions
  • Topic E: Identify Resources Needed for Information Security Program Implementation
  • Topic F: Develop Information Security Architectures
  • Topic G: Develop Information Security Policies
  • Topic H: Develop Information Security Awareness, Training, and Education Programs
  • Topic I: Develop Supporting Documentation for Information Security Policies
  • Topic J: Integrate Information Security Requirements into Organizational Processes
  • Topic K: Integrate Information Security Controls into Contracts
  • Topic L: Create Information Security Program Evaluation Metrics

Day 4: Information Security Program Management 

  • Topic A: Manage Information Security Program Resources
  • Topic B: Enforce Policy and Standards Compliance
  • Topic C: Enforce Contractual Information Security Controls
  • Topic D: Enforce Information Security During Systems Development
  • Topic E: Maintain Information Security Within an Organization
  • Topic F: Provide Information Security Advice and Guidance
  • Topic H: Provide Information Security Awareness and Training
  • Topic I: Analyze the Effectiveness of Information Security Controls
  • Topic J: Resolve Noncompliance Issues

Day 5: Incident Management and Response 

  • Topic A: Develop an Information Security Incident Response Plan
  • Topic B: Establish an Escalation Process
  • Topic C: Develop a Communication Process
  • Topic D: Integrate an IRP
  • Topic E: Develop IRTs
  • Topic F: Test an IRP
  • Topic G: Manage Responses to Information Security Incidents
  • Topic H: Perform an Information Security Incident Investigation
  • Topic I: Conduct Post-Incident Reviews

Recommendations and Prerequisites

Organization/Certification Recommendations
ISACA requires both a passing score on the exam and the required work experience within a 5-year timeframe in order to be certified: a minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas. The work experience must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam. Possible substitutions are outlined on the official ISACA website.
Organization/Certification Exam Requirements
To pass, students must score 450 or higher on a scale of 800 on the 200-question certification exam within the allotted 4-hour timeframe.

Course Features

  • Lectures 0
  • Quizzes 0
  • Duration 40 hours
  • Skill level Advanced Level
  • Language English
  • Students 10
  • Assessments Self