Certified Information Security Manager (CISM)
- Course Code CISM
- Duration 4 days
- Version 2022
Course Delivery
Additional Payment Options
-
GTC 35 inc. VAT
GTC, Global Knowledge Training Credit, please contact Global Knowledge for more details
Jump to:
Course Delivery
This course is available in the following formats:
-
Company Event
Event at company
-
Elearning (Self-paced)
Self paced electronic learning
-
Public Classroom
Traditional Classroom Learning
-
Virtual Learning
Learning that is virtual
Request this course in a different delivery format.
Course Overview
TopCISM® is the most prestigious and demanding qualification for Information Security Managers around the globe today. This qualification provides you with a platform to become part of an elite peer network who have the ability to constantly learn and relearn the growing opportunities and challenges in Information Security Management. Our CISM exam preparation course provides an in-depth coverage of contents across the Four CISM domains with a clear focus on building concepts and solving ISACA released CISM exam questions. The course is an intense training and hard-core exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination.
Course Schedule
Top-
- Delivery Format: Public Classroom
- Date: 19-22 September, 2022
- Location: London - Old Broad Street
-
- Delivery Format: Virtual Learning
- Date: 19-22 September, 2022
- Location: Virtual
-
- Delivery Format: Virtual Learning
- Date: 19-22 December, 2022
- Location: Virtual
-
- Delivery Format: Public Classroom
- Date: 06-09 March, 2023
- Location: London - Old Broad Street
-
- Delivery Format: Virtual Learning
- Date: 06-09 March, 2023
- Location: Virtual
-
- Delivery Format: Virtual Learning
- Date: 19-22 June, 2023
- Location: Virtual
Target Audience
TopCourse Objectives
Top- Use the knowledge gained in a practical manner beneficial to your organization
- Establish and maintain information security architectures (people, your organisation process, technology)
- Establish and maintain an Information security governance and framework to achieve your organizations goals and objectives
- Integrate information security requirements into contracts and framework to achieve your organization goals and objectives activities of third parties/ suppliers
- Manage Information risk to an acceptable level to meet the business and compliance requirements
- Plan, establish and manage the capability to detect, investigate, business and compliance requirements respond to and recover from information security incidents to minimize business impact
Course Content
TopModule 1 Information Security Governance 17%
A Enterprise Governance
1A1 Organizational Culture
1A2 Legal, Regulatory, and Contractual Requirements
1A3 Organizational Structures, Roles, and Responsibilities
B Information Security Strategy
1B1 Information Security Strategy Development
1B2 Information Governance Frameworks and Standards
1B3 Strategic Planning (e.g., budgets, resources, business case).
Module 2 Information Security Risk Management 20%
A Information Security Risk Assessment
2A1 Emerging Risk and Threat Landscape
2A2 Vulnerability and Control Deficiency Analysis
2A3 Risk Assessment and Analysis
B Information Security Risk Response
2B1 Risk Treatment / Risk Response Options
2B2 Risk and Control Ownership
2B3 Risk Monitoring and Reporting
Module 3 Information Security Program 33%
A Information Security Program Development
3A1 Information Security Program Resources (e.g., people, tools, technologies)
3A2 Information Asset Identification and Classification
3A3 Industry Standards and Frameworks for Information Security
3A4 Information Security Policies, Procedures, and Guidelines
3A5 Information Security Program Metrics
B Information Security Program Management
3B1 Information Security Control Design and Selection
3B2 Information Security Control Implementation and Integrations
3B3 Information Security Control Testing and Evaluation
3B4 Information Security Awareness and Training/td>
3B5 Management of External Services (e.g., providers, suppliers, third parties, fourth parties)
3B6 Information Security Program Communications and Reporting
Module 4 Incident Management 30%
A Incident Management Readiness
4A1 Incident Response Plan
4A2 Business Impact Analysis (BIA)
4A3 Business Continuity Plan (BCP)
4A4 Disaster Recovery Plan (DRP)
4A5 Incident Classification/Categorization
4A6 Incident Management Training, Testing, and Evaluation
B Incident Management Operations
4B1 Incident Management Tools and Techniques
4B2 Incident Investigation and Evaluation
4B3 Incident Containment Methods
4B4 Incident Response Communications (e.g., reporting, notification, escalation)
4B5 Incident Eradication and Recovery
4B6 Post-incident Review Practices
Course Prerequisites
Top- There is no set pre requisite for this course.
- ISACA do require a minimum of five years' professional information security work experience to qualify for full certification.
- You can take the for CISM exam prior to meeting ISACA’s experience requirements, but the CISM qualification is awarded after you meet the experience requirements.
- However, there is no restriction in getting yourself certified in early stages of your career and start practicing globally accepted Information Security Management practices.