Certified Information Security Manager Training

Certified Information Security Manager | CISM by ISACA is a certification course offered by Infosavvy, that involves information security, assurance, risk management and governance. CISM is one of the highest-paying sought after IT certifications.

This course is developed for experienced information security managers and those with information security management responsibilities which includes:

• Information Security Managers
• Aspiring Information Security Managers
• IS/IT Consultants
• Chief Information Officers

CISM stands for “Certified Information Security Manager”. The ISACA® Certified Information Security Manager™ is the fastest growing and the most prestigious qualification available for Information Security managers. The CISM certification is for the individual, who manages designs, oversees and/or assesses an enterprise’s information security (IS).

The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.

CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice.

This 5-day training program provides an intense environment in which participants will acquire the skills and knowledge needed to meet the requirements of the CISM certification.

Outline:

• Information Security Governance and Strategy Introduction
• Effective Information Security Governance
• Key Information Security Concepts and Issues
• Business Objectives
• The IS Manager roles and responsibilities
• Scope and Charter of Information Security Governance
• IS Governance Metrics
• Developing an IS Strategy – Common Pitfalls
• IS Strategy Objectives
• Determining Current State of Security
• Strategy Resources
• Strategy Constraints
• Action Plan Immediate Goals
• Action Plan Intermediate Goals
•  Risk Management
• Effective Information Security Risk Management
• Risk Management Concepts & Technologies
• Integration into Life Cycle Processes
• Implementing Risk Management
• Risk Identification and Analysis Methods
• Mitigation Strategies and Prioritization
• Reporting Changes to Management
•  Information Security Program Management
• Program objective and security program concept
• Management Framework
• Security Baselines
• Business Processes
• Infrastructure and architecture
• Business case
• Malicious Code (Malware)
• Life Cycles
• Impact on End Users
• Accountability
• Security Metrics
• Managing Internal and External Resources
•  Information Security Management
• Implementing Effective Information Security Management
• Security Controls and Policies
• Standards and Procedures
• Trading Partners and Service Providers
• Security Metrics and Monitoring
• The Change Management Process
• Vulnerability Assessments
• Due Diligence
• Resolution of Non-Compliance Issues
• Culture, Behavior and Security Awareness
•  Response Management
• Performing a Business Impact Analysis
• Developing Response and Recovery Plans
• Incident Response Processes
• Executing Response and Recovery Plans
• Documenting Events
• Post Event Reviews