Certified Information Security Manager(CISM)
CISM stands for “Certified Information Security Manager”. The ISACA® Certified Information Security Manager™ is the fastest growing and the most prestigious qualification available for Information Security managers. The CISM certification is for the individual, who manages designs, oversees and/or assesses an enterprise’s information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.
CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice. This 5-day training program provides an intense environment in which participants will acquire the skills and knowledge needed to meet the requirements of the CISM certification.
Certified Information Security Manager(CISM)
- Identify critical issues and customize company-specific practices to support the governance of information and related technologies
- Bring credibility to the enterprise for which they are employed
- Take a comprehensive view of information systems security management and their relationship to organizational success
- Demonstrate to enterprise customers their commitment to compliance, security and integrity; ultimately contributing to the attraction and retention of customers
- Ensure that there is improved alignment between the organization’s information security program and its broader goals and objectives
- To provide an environment in which security professionals can acquire, thoroughly and properly, the skills and knowledge expected of a world class information security manager.
Certified Information Security Manager(CISM)
- Any candidate can attend training who want to learn about CISM
- Internal and external auditors
- IT and Information security professionals
- IS/IT Auditors
- IT Managers
- IS/IT Consultants
- IS/IT Audit Managers
- Security Professionals
- System Analysts
- CIOs
- CTOs
- Compliance officers
- Aspirants in the field of information security and assurance
Overview
Certified Information Security Manager | CISM
CISM stands for “Certified Information Security Manager”. The ISACA® Certified Information Security Manager™ is the fastest growing and the most prestigious qualification available for Information Security managers. The CISM certification is for the individual, who manages designs, oversees and/or assesses an enterprise’s information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.
CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice. This 4-day training program provides an intense environment in which participants will acquire the skills and knowledge needed to meet the requirements of the CISM certification.
Course Outline
Certified Information Security Manager(CISM)
1. Information Security Governance and Strategy Introduction
- Effective Information Security Governance
- Key Information Security Concepts and Issues
- Business Objectives
- The IS Manager roles and responsibilities
- Scope and Charter of Information Security Governance
- IS Governance Metrics
- Developing an IS Strategy – Common Pitfalls
- IS Strategy Objectives
- Determining Current State of Security
- Strategy Resources
- Strategy Constraints
- Action Plan Immediate Goals
- Action Plan Intermediate Goals
2. Risk Management
- Effective Information Security Risk Management
- Risk Management Concepts & Technologies
- Integration into Life Cycle Processes
- Implementing Risk Management
- Risk Identification and Analysis Methods
- Mitigation Strategies and Prioritization
- Reporting Changes to Management
3. Information Security Program Management
- Program objective and security program concept
- Management Framework
- Security Baselines
- Business Processes
- Infrastructure and architecture
- Business case
- Malicious Code (Malware)
- Life Cycles
- Impact on End Users
- Accountability
- Security Metrics
- Managing Internal and External Resources
4. Information Security Management
- Implementing Effective Information Security Management
- Security Controls and Policies
- Standards and Procedures
- Trading Partners and Service Providers
- Security Metrics and Monitoring
- The Change Management Process
- Vulnerability Assessments
- Due Diligence
- Resolution of Non-Compliance Issues
- Culture%
