CISM Certification Course

by Cybercert Claim Listing

ISACA’s Certified Information Security Manager (CISM) certification indicates expertise in information security governance, program development and management, incident management and risk management. Take your career out of the technical realm to management!

Price : Enquire Now

Contact the Institutes

Fill this form

Advertisement

Cybercert Logo

img Duration

Please Enquire

Course Details

ISACA’s Certified Information Security Manager (CISM) certification indicates expertise in information security governance, program development and management, incident management, and risk management. Take your career out of the technical realm to management!

 

Course Outline

Domain 1: Information Security Governance

  • Develop an information security strategy, aligned with business goals and directives.

  • Establish and maintain an information security governance framework.

  • Integrate information security governance into corporate governance.

  • Develop and maintain information security policies.

  • Develop business cases to support investments in information security.

  • Identify internal and external influences to the organization.

  • Gain ongoing commitment from senior leadership and other stakeholders.

  • Define, communicate and monitor information security responsibilities

  • Establish internal and external reporting and communication channels.

 

Domain 2: Information Risk Management

  • Establish and/or maintain a process for information asset classification to ensure that measures taken to protect assets are proportional to their business value.

  • Identify legal, regulatory, organizational and other applicable requirements to manage the risk of noncompliance to acceptable levels.

  • Ensure that risk assessments, vulnerability assessments and threat analyses are conducted consistently, and at appropriate times, to identify and assess risk to the organization’s information.

  • Identify, recommend or implement appropriate risk treatment/response options to manage risk to acceptable levels based on organizational risk appetite.

  • Determine whether information security controls are appropriate and effectively manage risk to an acceptable level.

  • Facilitate the integration of information risk management into business and IT processes to enable a consistent and comprehensive information risk management program across the organization.

  • Monitor for internal and external factors (e.g., threat landscape, cybersecurity, geopolitical, regulatory change) that may require reassessment of risk to ensure that changes to existing or new risk scenarios are identified and managed appropriately.

  • Report noncompliance and other changes in information risk to facilitate the risk management decision-making process.

  • Ensure that information security risk is reported to senior management to support an understanding of potential impact on the organizational goals and objectives.

 

Domain 3: Information Security Program Development & Management

  • Develop a security program, aligned with information security strategy

  • Ensure alignment between the information security program and other business functions

  • Establish and maintain requirements for all resources to execute the IS program

  • Establish and maintain IS architectures to execute the IS program

  • Develop documentation that ensures compliance with policies

  • Develop a program for information security awareness and training

  • Integrate information security requirements into organizational processes

  • Integrate information security requirements into contracts and activities of third parties

  • Develop procedures (metrics) to evaluate the effectiveness and efficiency of the IS program

  • Compile reports to key stakeholders on overall effectiveness of the IS program and the underlying business processes in order to communicate security performance.

 

Domain 4: Information Security Incident Management

  • Define (types of) information security incidents

  • Establish an incident response plan

  • Develop processes for timely identification of information security incidents

  • Develop processes to investigate and document information security incidents

  • Develop incident escalation and communication processes

  • Establish teams that effectively respond to information security incidents

  • Test and review the incident response plan

  • Establish communication plans and processes

  • Determine the root cause of IS incidents

  • Align incident response plan with DRP and BCP

  • Toronto Branch

    3660, Midland Avenue, #300, Toronto

Check out more CISM courses in Canada

Technologia IT Group Inc Logo

Cybersecurity: Learning How Network Technologies Work

Be able to describe the operation and use of different network technologies.

by Technologia IT Group Inc [Claim Listing ]
Network Expert Inc. Logo

Palo Alto Certified Network Security Engineer

Configure and manage the essential features of Palo Alto Networks® Next Generation firewalls

by Network Expert Inc. [Claim Listing ]
SBC (Saskatoon Business College) Logo

Cyber Security

This course is designed for you as a non-technical end user of computers, mobile devices, networks, and the Internet, to enable you to use technology more securely to minimize digital risks.

by SBC (Saskatoon Business College) [Claim Listing ]
  • Price
  • Start Date
  • Duration
Global Knowledge Logo

Cybersecurity Fundamentals

This cybersecurity course gives you a holistic perspective on the challenges of designing a secure system, touching on all the roles needed to deliver a cohesive security solution. 

by Global Knowledge [Claim Listing ]
ETS Formation Logo

Demystifying Cybersecurity (The Top 10 Risks And Threats)

Become familiar with the threats and risks that are at our doors from the moment we are connected to a network, on the Web or in connection with social networks.

by ETS Formation [Claim Listing ]

© 2024 coursetakers.com All Rights Reserved. Terms and Conditions of use | Privacy Policy