Certified Information Security Manager

Overview:

This four-day course provides intensive revision for the challenging CISM exam, moving you closer to achieving the known benefits of CISM certification such as higher earning potential and career advancement. With a growing demand for people with Information Security (IS) Management skills.

CISM has become a leading international IS certification designed for those who manage, design, oversee or assess an organisation’s information security. “The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.” (ISACA)

Course Contents

The training programme covers the five CISM job practice domains:
Domain 1 – Information Security Governance
Domain 2 – Information Risk Management and Compliance
Domain 3 – Information Security Program Development and Management
Domain 4 – Information Security Incident Management
Domain 5 – Incident Management and Response

Information Security Governance

• Effective IS governance.
• Scope and charter of IS governance.
• IS Governance metrics.
• Developing an IS strategy.
• Strategy resources and constraints.

Information Risk Management and Compliance

• Risk management strategy and management.
• Implementing risk management.
• Risk assessment and analysis methodologies.
• Controls and counter measures.
• RTO and RPO.
• Security control baselines.

Information Security Program Development

• IS manager.
• IS program development objectives and road map.
• IS program resources.
• Implementing an IS program.
• Physical and environmental controls.
• IS program integration and metrics.

Information Security Program Management

• IS management framework.
• Measuring IS management performance.
• Common IS management challenges.
• IS management resources and considerations.
• Implementing management of the IS program.

Incident Management and Response

• Incident management concepts.
• Incident management metrics and indicators.
• Defining incident management procedures.
• Incident response capability.
• Developing an incident response plan.
• Developing/testing response and recovery plans.
• Documenting events.