CISM (Certified Information Security Manager)

In today’s business environment, enterprises must be able to manage risk and protect against threats from a variety of sources. To meet these challenges, enterprises need security leaders who are strategic thinkers and can develop and implement security initiatives and policies that align with business objectives.

ISACA’s Certified Information Security Manager (CISM) certification is designed for experienced IT security professionals who want to demonstrate their skills in information security management. CISM holders are recognized as experts in the field and are highly sought after by employers.

If you are looking to take your career to the next level, CISM is the perfect credential for you. With CISM, you will be able to show potential employers that you have the knowledge and skills needed to be a successful security leader.

The ISACA CISM certification can add credibility and confidence to interactions with internal and external stakeholders, peers, and regulators.

This cybersecurity certification indicates expertise in information security governance, program development and management, incident management, and risk management.

The content of this course is:

• Aligned with the CISM job practice

• Adapted from the CISM Review Manual, 16th Edition

• Reviewed by subject-matter experts that hold the CISM certification

The course features an enhanced facilitator guide, additional participant resources, knowledge check questions from the CISM Questions, Answers, and Explanations (QAE) database, along with scenario-based activities and enrichment materials (articles, podcasts, and whitepapers) selected from the ISACA website to provide learners with an opportunity to go deeper into specific areas related to the course content.

Skills Covered:

• Explain the relationship between executive leadership, enterprise governance, and information security governance.

• Outline the components used to build an information security strategy.

• Explain how the risk assessment process influences the information security strategy.

• Articulate the process and requirements used to develop an effective information risk response strategy.

• Describe the components of an effective information security program.

• Explain the process for building and maintaining an enterprise information security program.

• Outline techniques used to assess the enterprise’s ability and readiness to manage an information security incident.

• Outline methods to measure and improve response and recovery capabilities.