Duration: 5 days
While information has become more easily accessible and readily available, the associated risks and security threats have not only increased in number but also complexity. As a result, the importance of ensuring that an enterprise’s information is protected has also increased. It is now more important than ever for executives to ensure that their IT security managers have the expertise needed to reduce risk and protect the enterprise.
Designed specifically for information security professionals who are preparing to sit for the CISM exam, the course focuses on the four content areas of the Certified Information Security Manager (CISM) job practice: information security governance, risk management, and compliance, information security program development, and management, information security incident management.
CISM Impacts Your Career and Your Organization
The demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area.
CISMs understand the business. They know how to manage and adapt technology to their enterprise and industry.
- Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives
- Distinguishes you as having not only information security expertise but also knowledge and experience in the development and management of an information security program
- Puts you in an elite peer network
- Is considered essential to ongoing education, career progression, and value delivery to enterprises.
Why Employers Hire CISMs?
Enterprises and government agencies increasingly recognize, require, and expect their IS and IT professionals to hold CISM certification.
- Identify critical issues and customize company-specific practices to support the governance of information and related technologies
- Bring credibility to the enterprise for which they are employed
- Take a comprehensive view of information systems security management and their relationship to organizational success
- Demonstrate to enterprise customers their commitment to compliance, security, and integrity; ultimately contributing to the attraction and retention of customers
- Ensure that there is improved alignment between the organization’s information security program and its broader goals and objectives
- Provide the enterprise with a certification for Information security management that is recognized by multinational clients and enterprises, lending credibility to the enterprise
In order to be awarded the CISM designation, students must meet the following requirements:
- Successfully pass the CISM exam.
- Adhere to ISACA’s Code of Professional Ethics.
- Agree to comply with the Continuing Education Policy.
- Work experience in the field of information security.
- Submit an Application for CISM Certification.
- Authorized Courseware
- Intensive Hands on Skills Development with an Experienced Subject Matter Expert
- Hands-on practice on real Servers and extended lab support 1.800.482.3172
- Examination Vouchers & Onsite Certification Testing- (excluding Adobe and PMP Boot Camps)
- Academy Code of Honor: Test Pass Guarantee
- Optional: Package for Hotel Accommodations, Lunch and Transportation
With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.
- Instructor Led (the best training format we offer)
- Live Online Classroom – Online Instructor Led
- Self-Paced Video
Speak to an Admissions Representative for complete details
Information Security Governance
Students will understand the broad requirements for effective information security governance, the elements, and actions required to develop an information security strategy and be able to formulate a plan of action to implement this strategy.
- Establish and maintain an information security strategy and align the strategy with corporate governance
- Establish and maintain an information security governance framework
- Establish and maintain information security policies
- Develop a business case
- Identify internal and external influences on the organization
- Obtain management commitment
- Define roles and responsibilities
- Establish, monitor, evaluate and report metrics
Information Risk Management and Compliance
Students will be able to manage information security risks.
- Establish a process for information asset classification and ownership
- Identify legal, regulatory, organizational and other applicable requirements
- Ensure that risk assessment, vulnerability assessments, and threat analyses are conducted periodically.
- Determine appropriate risk treatment options.
- Evaluate information security controls
- Identify the gap between current and desired risk levels
- Integrate information risk management into business and IT processes
- Monitor existing risks.
- Report noncompliance and other changes in information risk
Information Security Program Development and Management
Students will be able to develop and manage an information security plan.
- Establish and maintain the information security program
- Ensure alignment between the information security program and other business functions
- Identify, acquire, manage and define requirements for internal and external resources
- Establish and maintain information security architectures
- Establish, communicate and maintain organizational information security standards, procedures, guidelines
- Establish and maintain a program for information security awareness and training
- Integrate information security requirements into organizational processes
- Integrate information security requirements into contracts and activities of third parties
- Establish, monitor and periodically report program management and operational metrics
Information Security Incident Management
Students will effectively manage information security within an enterprise and develop policies and procedures to respond to and recover from disruptive and destructive information security events.
- Establish and maintain an organizational definition of, and severity hierarchy for, information security incidents
- Establish and maintain an incident response plan
- Develop and implement processes to ensure the timely identification of information security incidents
- Establish and maintain processes to investigate and document information security incidents
- Establish and maintain incident escalation and notification processes
- Organize, train and equip teams to effectively respond to information security incidents
- Test and review the incident response plan periodically
- Establish and maintain communication plans and processes
- Conduct post-incident reviews
- Establish and maintain integration among the incident response plan, disaster recovery plan and business continuity plan