CCISO Certification Training

EC-Council’s CCISO certification validates a candidate’s expertise in addressing real-world challenges in information security and verifies their readiness to assume the role of the top executive responsible for information security within an organization. Many mid to large-sized companies worldwide employ a CISO, often with a highly competitive salary.

CISO, or Chief Information Security Officer, is an established top-level executive position in the industry, similar to CEO or CTO. CISO is the highest-level executive in an organization charged with information security.

With the increasing use of digital assets in the industry, the demand for CISOs across organizations is rising. The CISOs focus on the core areas pertaining to information security in an enterprise and lead the IS program.

The CCISO certification training aims to provide the learners with comprehensive knowledge and skills regarding the information security domain. The Chief Information Security Officer Certification Training covers vital areas such as policy setting, project management, audit management, executive strategy, contract management, and financial expertise.

These areas of knowledge are essential for leading a successful IS program. The CCISO certification validates the competence of a professional in handling top-level executive tasks and in effectively leading an information security program.

Learning Outcomes:

• Domain 1: Governance (Policy, Legal, and Compliance)
• Information Security Management Program
• Defining an Information Security Governance Program
• Regulatory and Legal Compliance
• Risk Management
• Domain 2: IS Management Controls and Auditing Management
• Designing, deploying, and managing security controls
• Understanding security controls types and objectives
• Implementing control assurance frameworks
• Understanding the audit management process
• Domain 3: Security Program Management & Operations
• The role of the CISO
• Information Security Projects
• Integration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)
• Domain 4: Information Security Core Concepts
• Access Controls
• Physical Security
• Disaster Recovery and Business Continuity Planning
• Network Security
• Threat and Vulnerability Management
• Application Security
• System Security
• Encryption
• Vulnerability Assessments and Penetration Testing
• Computer Forensics and Incident Response
• Domain 5: Strategic Planning, Finance, & Vendor Management
• Security Strategic Planning
• Alignment with business goals and risk tolerance
• Security emerging trends
• Key Performance Indicators (KPI)
• Financial Planning
• Development of business cases for security
• Analyzing, forecasting, and developing a capital expense budget
• Analyzing, forecasting, and developing an operating expense budget
• Return on Investment (ROI) and cost-benefit analysis
• Vendor management
• Integrating security requirements into the contractual agreement and procurement process

Target Audience:

• This course is ideal for:
• Network Engineers with security specialization
• Experienced IT Professionals engaged in information security management
• Those who perform CISO functions, but don’t have an official title
• All the professionals who aspire to reach top-level position in information security profession

Pre-requisites:

• Candidates who are sitting for the exam without training must have 5 years of experience in the 5 core CCISO domains verified via the Exam Eligibility Application.
• Candidates who have taken training must possess 3 years of IS management experience in 3 of the 5 core CCISO domains verified via the Exam Eligibility Application.