Certified Information Security Manager (Cism)

Exam Preparatory course

What you'll learn

IT security managers who are responsible for developing and managing information security programs within their organizations.

IT auditors who want to understand information security management best practices and how to audit information security programs.

IT risk management professionals who want to understand how to identify, assess, and manage information security risks.

Security consultants who want to develop expertise in information security management and provide consulting services to organizations.

IT professionals who want to advance their careers in information security management.

Requirements

Experience: Candidates must have a minimum of five years of experience in information security management, with at least three years of experience in the role of an information security manager.

Education: Candidates can substitute one year of experience with a four-year degree in information security management or a related field.

Adherence to the Code of Ethics: Candidates must adhere to the ISACA Code of Ethics.

Continuing Education: Candidates must commit to ongoing professional education and development to maintain their CISM certification.

Description

Certified Information Security Manager (CISM) is a certification course designed for IT professionals who are responsible for developing, managing, and overseeing information security programs within their organizations. This course provides a comprehensive understanding of the best practices in information security management, risk management, and incident management.The CISM certification is designed for IT professionals who have experience in information security management, and who are responsible for managing and overseeing information security programs within their organizations. This course is suitable for IT security managers, IT auditors, IT risk management professionals, and individuals who want to advance their careers in information security management.The Certified Information Security Manager (CISM) certification course is designed for IT professionals who are responsible for developing, managing, and overseeing information security programs within their organizations.The CISM certification is designed for experienced information security professionals who have a deep understanding of information security management best practices and who want to develop the skills required to manage and oversee information security programs within their organizations. The prerequisites are in place to ensure that candidates have the necessary experience and knowledge to successfully complete the course and earn the CISM certification.Overall, the CISM certification course provides a comprehensive understanding of information security management best practices, and helps candidates develop the skills required to manage and oversee information security programs within their organizations.

Overview

Section 1: Information Security Governance

Lecture 1 Course Overview

Lecture 2 Enterprise Governance

Lecture 3 Organizational Culture

Lecture 4 Legal Regulatory & Contractual Requirements

Lecture 5 Organizational Structures Roles & Responsibilities

Lecture 6 Information Security Strategy Development

Lecture 7 Information Governance Frameworks & Standards

Lecture 8 Strategic Planning

Lecture 9 Information Security Governance - Key Points

Section 2: Information Security Risk Management

Lecture 10 Information Security Risk Assessment

Lecture 11 Emerging Risk & Threat Landscape

Lecture 12 Vulnerability & Control Deficiency Analysis

Lecture 13 Risk Assessment & Analysis - Background

Lecture 14 Risk Assessment & Analysis - Scenarios

Lecture 15 Risk Assessment & Analysis - Process

Lecture 16 Risk Assessment & Analysis - Methodologies

Lecture 17 Risk Assessment & Analysis - Analysis

Lecture 18 Risk Treatment & Risk Response Options

Lecture 19 Risk & Control Ownership

Lecture 20 Risk Monitoring & Reporting

Lecture 21 Information Security Risk Management - Key Points

Section 3: Information Security Program

Lecture 22 Information Security Program Overview

Lecture 23 Information Security Program Resources

Lecture 24 Information Asset Identification & Classification

Lecture 25 Standards & Frameworks for Information Security

Lecture 26 Information Security Policies Procedures & Guidelines

Lecture 27 Information Security Program Metrics

Lecture 28 Information Security Control Design & Selection

Lecture 29 Control Implementation Integration Testing & Evaluation

Lecture 30 Information Security Awareness & Training

Lecture 31 Integration with IT Operations - SDLC & DevOps

Lecture 32 Integration with IT Operations - ITSM

Lecture 33 Integration with IT Operations - Cloud

Lecture 34 Management of External Services

Lecture 35 Information Security Program Communications & Reporting

Lecture 36 Information Security Program - Key Points

Section 4: Incident Management

Lecture 37 Incident Management Readiness

Lecture 38 Incident Response Plan

Lecture 39 Business Impact Analysis (BIA)

Lecture 40 Spotlight on BIA Derived Objectives

Lecture 41 Business Continuity Plan (BCP)

Lecture 42 Disaster Recovery Plan (DRP)

Lecture 43 Incident Classification & Categorization

Lecture 44 Incident Management Training Testing & Evaluation

Lecture 45 Incident Management Tools & Techniques

Lecture 46 Evaluation Containment Communication & Recovery

Lecture 47 Post-incident Review Practices

Lecture 48 Incident Management - Key Points

IT security managers who are responsible for developing and managing information security programs within their organizations.,IT auditors who want to understand information security management best practices and how to audit information security programs.,IT risk management professionals who want to understand how to identify, assess, and manage information security risks.,Security consultants who want to develop expertise in information security management and provide consulting services to organizations.,IT professionals who want to advance their careers in information security management.