According to recent industry reports, cybercrime is expected to cost the world $10.5 trillion annually by 2025. The Certified Information Security Manager (CISM) certification equips professionals with the knowledge and skills to manage and govern an enterprise’s information security program effectively. This course provides expert-led training to help you prepare for the CISM certification exam, covering key domains like risk management, governance, and incident response.
Objectives
Develop, implement, and manage an enterprise information security program.
Establish governance frameworks for information security policies and procedures.
Conduct risk assessments and implement risk mitigation strategies.
Ensure compliance with industry regulations and legal requirements.
Oversee security incident management and response strategies.
Align information security with business objectives and IT governance.
Audience
This course is intended for information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors. It is also suited to anyone who wants to learn more about information security, wants in-depth knowledge of information security management, is looking for career advancement in IT security, or is interested in earning the CISM certification.
Domain 1: Information Security Governance
Enterprise Governance Overview
Organizational Culture, Structures, Roles and Responsibilities
Legal, Regulatory and Contractual Requirements
Information Security Strategy
Information Governance Frameworks and Standards
Strategic Planning
Domain 2: Information Security Risk Management
Risk and Threat Landscape
Vulnerability and Control Deficiency Analysis
Risk Assessment, Evaluation and Analysis
Information Risk Response
Risk Monitoring, Reporting and Communication
Domain 3: Information Security Program
IS Program Development and Resources
IS Standards and Frameworks
Defining an IS Program Road Map
IS Program Metrics
IS Program Management
IS Awareness and Training
Integrating the Security Program with IT Operations
Program Communications, Reporting and Performance Management
Domain 4: Incident Management
Incident Management and Incident Response Overview
Incident Management and Response Plans
Incident Classification/Categorization
Incident Management Operations, Tools and Technologies
Incident Investigation, Evaluation, Containment and Communication
Incident Eradication, Recovery and Review
Business Impact and Continuity
Disaster Recovery Planning
Training, Testing and Evaluation
CISM is intended for information security professionals with at least five years of relevant work experience and at least three years in the role of information security manager.