CISM - Certified Information Security Manager Prep Course Training

What CISM - Certified Information Security Manager Prep Course training is all about?

CISM - Certified Information Security Manager Prep Course Training is designed to help people develop a good understanding of the relationship between information security programs and broader organizational objectives. It also educates and guides the candidates to attain the CISM qualification. This certification is issued by ISACA to validate and analyze the candidate's expertise regarding the relationship between information security programs and broader business targets.

CISM certification is for experienced security management professionals who have decent work experience managing and developing information security programs. This certification also validates that the professional has extensive knowledge of managing, developing, and implementing an information security program for a business organization.

CISM - Certified Information Security Manager Prep Course Training covers all the four domains of the CISM certification exam and helps IT security professionals gain more knowledge, enhance their skills, and increase their practical experience.

Schedule

Contact us to customize this class with your preferred dates, times and location.
You can call us on 1-800-961-0337 or Chat with our representative.

What are the course objectives for CISM - Certified Information Security Manager Prep Course training?

Information Risk Management & Governance of Information Security.
Information Risk Compliance & Information Security Incident Management.
Information Security Program Management & Development.

Who should attend CISM - Certified Information Security Manager Prep Course training?

This training is intended for professionals who have expert-level experience as an information security manager. However, the target audience for this course are IT Manager, IT Auditors security policy writers, security device administrators, information security officers, security engineers, privacy officers and IT consultants.

What is the course outline for CISM - Certified Information Security Manager Prep Course training?

1. Information Security Governance
Develop an information security strategy, aligned with business goals and directives.
Establish and maintain an information security governance framework.
Integrate information security governance into corporate governance.
Develop and maintain information security policies.
Develop business cases to support investments in information security.
Identify internal and external influences to the organization.
Gain ongoing commitment from senior leadership and other stakeholders.
Define, communicate and monitor information security responsibilities
Establish internal and external reporting and communication channels.

2. Information Risk Management

Establish and/or maintain a process for information asset classification to ensure that measures taken to protect assets are proportional to their business value.

Identify legal, regulatory, organizational and other applicable requirements to manage the risk of noncompliance to acceptable levels.

Ensure that risk assessments, vulnerability assessments and threat analyses are conducted consistently, and at appropriate times, to identify and assess risk to the organizationâ€™s information.

Identify, recommend or implement appropriate risk treatment/response options to manage risk to acceptable levels based on organizational risk appetite.

Determine whether information security controls are appropriate and effectively manage risk to an acceptable level.

Facilitate the integration of information risk management into business and IT processes to enable a consistent and comprehensive information risk management program across the organization.

Monitor for internal and external factors (e.g., threat landscape, cybersecurity, geopolitical, regulatory change) that may require reassessment of risk to ensure that changes to existing or new risk scenarios are identified and managed appropriately.

Report noncompliance and other changes in information risk to facilitate the risk management decision-making process.

Ensure that information security risk is reported to senior management to support an understanding of potential impact on the organizational goals and objectives.

3. Information Security Program Development & Management

Develop a security program, aligned with information security strategy

Ensure alignment between the information security program and other business functions

Establish and maintain requirements for all resources to execute the IS program

Establish and maintain IS architectures to execute the IS program

Develop documentation that ensures compliance with policies

Develop a program for information security awareness and training

Integrate information security requirements into organizational processes

Integrate information security requirements into contracts and activities of third parties

Develop procedures (metrics) to evaluate the effectiveness and efficiency of the IS program

Compile reports to key stakeholders on overall effectiveness of the IS program and the underlying business processes in order to communicate security performance.

4. Information Security Incident Management

Define (types of) information security incidents

Establish an incident response plan

Develop processes for timely identification of information security incidents

Develop processes to investigate and document information security incidents

Develop incident escalation and communication processes

Establish teams that effectively respond to information security incidents

Test and review the incident response plan

Establish communication plans and processes

Determine the root cause of IS incidents

Align incident response plan with DRP and BCP.