CISM - Certified Information Security Manager

The Certified Information Security Manager (CISM) qualification is an international professional certification offered by ISACA for Information Security Managers. The certification recognises an individual's ability to design, implement and manage an information security programme.

Description

This CISM training course covers the following areas:

  • Introduction to Certified Information Security Manager (CISM)
  • Objectives and Expectations
  • What is Information Security?
  • The Goals of Information Security
  • Principles for Information Security Professionals

Domain 1 – Information Security Governance

  • Introduction to Information Security Governance
  • Effective Information Security Governance
  • Governance and Third Party Relationships
  • Information Security Metrics
  • Information Security Governance Metrics
  • Information Security Strategy
  • Information Security Strategy Development
  • Strategy Resources and Constraints
  • Other Frameworks
  • Compliances
  • Action Plans to Implement Strategy
  • Governance of Enterprise IT

Domain 2 – Information Risk Management and Compliance

  • Information Risk Management
  • Risk Management Overview
  • Risk Assessment
  • Information Asset Classification
  • Assessment Management
  • Information Resource Valuation
  • Recovery Time Objectives
  • Security Control Baselines
  • Risk Monitoring
  • Training and Awareness
  • Information Risk Management Documentation

Domain 3 – Information Security Program Development and Management

  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Information Security Program Technology Resources
  • Information Security Program Development
  • Information Security Program Framework
  • Information Security Program Roadmap
  • Enterprise Information Security Architecture (EISA)
  • Security Program Management and Administration
  • Security Program Services and Operational Activities
  • Controls
  • Security Program Metrics and Monitoring
  • Measuring Operational Performance
  • Common Information Security Program Challenges

Domain 4 – Information Security Incident Management

  • Incident Management Overview
  • Incident Management Procedures
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Business Continuity and Disaster Recovery Procedures
  • Post Incident Activities and Investigation
  • ISACA Code of Professional Ethics
  • Laws and Regulations
  • Policy Versus Law Within an Organisation
  • Ethics and the Internet IAB
  • Certified Information Security Manager

Similar events

The Practitioners Certificate in Information Assurance Architecture (PCIAA) course prepares the student for a career in security architecture. A Security Architect (SA) is a senior-level enterprise architect role, either within a dedicated security team or as part of a more general Enterprise Architecture (EA) team.

The Practitioner Certificate in Information Risk Management (PCiIRM) provides thorough guidance on building a business-focused ISMS strategy. Demonstrate your ability to deliver a robust system in line with ISO 17799, ISO 27001 and BS 7799-3 standards and make sure you are up to date with UK legislation, as well as international frameworks. Over five days you will work with BCS qualified professionals, learning how to understand and prevent threats to data within specific technical business environments.

The NCSC Certified consultant training course provides the latest understanding of the scope and requirements of the Cyber Essentials Standard. This will enable you to become a fully certified Cyber Essentials Consultant. The workshop-style training includes tasks and tips to ensure the participant leaves with practical knowledge to implement Cyber Essentials in businesses from any industry and of any size.

The Certified DPO training course enables you to develop the necessary knowledge, skills and competence to effectively implement and manage a compliance framework with regard to the protection of personal data.

The NIST Cybersecurity Framework 800-53 Practitioner course is an overlay course based on the NIST Cyber Security Framework, a publication of the National Institute of Standards and Technology.

The NIST Cybersecurity Framework Foundation course is an overlay course based on the NIST Cyber Security Framework (NIST-CSF), a publication of the National Institute of Standards and Technology.

Gain core knowledge and experience to successfully implement and manage security programs and prepare for the 2024 CISSP certification. This 2024 updated course is the most comprehensive review of information security concepts and industry best practices, focusing on the eight domains of the CISSP-CBK (Common Body of Knowledge) that are covered in the CISSP exam.