CCISO (Certified Chief Information Security Officer)

The CCISO certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. The EC-Council CCISO body of knowledge covers all five CCISO domains in depth and was written by seasoned CISOs for current and aspiring CISOs.

Bringing together all the components required for a C-Level position, the CCISO program combines audit management, governance, IS controls, human capital management, strategic program development, and the financial expertise vital to leading a highly successful IS program. The job of the CISO is far too important to be learned by trial and error. Executive-level management skills are not areas that should be learned on the job.

The material in the CCISO Program assumes a high-level understanding of technical topics and doesn’t spend much time on strictly technical information but rather on the application of technical knowledge to an information security executive’s day-to-day work.

The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many sitting and aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper executive management roles.

Much of this is traditionally learned through on-the-job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management.

Training Includes

• Instructor-led, streaming video training modules: 1-year access

• Official EC-Council e-courseware: 1-year access

• Certification Exam Voucher

• Certificate of Attendance

Course Outline

In this course, you will learn in-depth content in each of the five CCISO domains:

• Domain 1 covers the importance of governance, including policy writing, aligning the security program to industry-recognized frameworks, and adhering to law and regulations.

• Domain 2 focuses on management controls, audit management, and risk management, taking you through detailed examples of how to run an audit and how to implement audit findings, including choosing the correct management controls for each situation and the importance of understanding asset value, risk tolerance, and risk treatment plans.

• Domain 3 goes through the day-to-day work of a CISO, including project management and how to ensure that information security is part of projects from their inception.

• Domain 4 stresses the importance of understanding technology and information security core concepts in order to lead teams of technicians and analysts and make decisions around technology issues. Technical issues are addressed from an executive point of view.

• Domain 5 addresses leadership, aligning security programs to the overall goals of the business, strategic management, executive buy-in, financial management, and much more.

• Taken together, these five domains of the C|CISO program provide the foundations for becoming an effective and knowledgeable executive information security practitioner.

Who is it for?

The CCISO program is for executives looking to hone their skills and better align their information security programs with business goals and objectives. This program also encourages existing CISOs to improve their technical and management skills, as well as their business procedures.