CISM: Certified Information Security Manager
Overview
CISM is a management-focused, globally recognized professional certification that promotes security practices and validates an individual's skills to manage, design, oversee and assess an enterprise's information security. Our program builds an individual's expertise in managing, designing, and overseeing an enterprise's information security (IS) program. It focuses on the management aspects of information security and on risk management in cybersecurity, ensuring a comprehensive approach to safeguarding critical systems and data.
Why Earn Your CISM?
- Career Advancement: CISM certification signifies your leadership capabilities and positions you for senior-level information security management roles.
- Enhanced Credibility: Gain recognition within the cybersecurity industry as a skilled information security leader.
- Demonstrated Expertise: Validate your knowledge of information security governance, risk management, and security program development.
- Increased Earning Potential: CISM certification can lead to significant salary increases in the cybersecurity job market.
What Does the CISM Cover?
The CISM exam focuses on five core domains of information security management:
- Security and Risk Management: Understand and apply risk management principles to identify, assess, and mitigate information security threats.
- Security Program Development and Management: Learn to design, implement, and oversee a comprehensive information security program aligned with business objectives.
- Information Security Governance: Gain expertise in establishing and maintaining effective information security governance frameworks.
- Information Security Architecture and Engineering: Develop a strong understanding of security architecture concepts and how they contribute to a robust security posture.
- Information Security Operations: Master best practices for incident response, vulnerability management, and security operations.
Investing in Your Future with CISM:
Earning your CISM certification demonstrates your commitment to information security leadership and positions you for success in the ever-growing cybersecurity field.
Explore our resources for CISM training and exam preparation to launch your journey as a CISM-certified information security manager and further strengthen your cybersecurity leadership.
CISM Course Highlights:
- 32 hours of Instructor-led Training
- Certified & Experienced Instructors
- Access to recorded Sessions
CISM Course Description
Overview
The CISM certification, which is focused on information security management, promotes worldwide security practices and acknowledges the professional who manages, designs, oversees, and assesses an organization's information security. The CISM certification is the globally recognized benchmark of excellence in the cybersecurity field, and the demand for skilled information security management experts is on the rise.
Course Description
Domain 1: Information Security Governance (17%)
Part A: Enterprise Governance
- Importance of Information Security Governance
- Organizational Culture
- Legal, Regulatory and Contractual Requirements
- Organizational Structures, Roles and Responsibilities
Part B: Information Security Strategy
- Information Security Strategy Development
- Information Governance Frameworks and Standards
- Strategic Planning
Domain 2: Information Security Risk Management (20%)
Part A: Information Risk Assessment
- Emerging Risk and Threat Landscape
- Vulnerability and Control Deficiency Analysis
- Risk Analysis, Evaluation and Assessment
Part B: Information Risk Response
- Risk Treatment/Risk Response Options
- Risk and Control Ownership
- Risk Monitoring and Reporting
Domain 3: Information Security Program (33%)
Part A: Information Security Program Development
- Information Security Program Overview
- Information Security Program Resources
- Information Asset Identification and Classification
- Industry Standards and Frameworks for Information Security
- Information Security Policies, Procedures and Guidelines
- Defining an Information Security Program Road Map
- Information Security Program Metrics
Part B: Information Security Program Management
- Information Security Control Design and Selection
- Information Security Control Implementation and Integration
- Information Security Control Testing and Evaluation
- Information Security Awareness and Training
- Integration of the Security Program with IT Operations
- Management of External Services and Relationships
- Information Security Program Communications and Reporting
Domain 4: Incident Management (30%)
Part A: Incident Management Readiness
- Incident Management and Incident Response Overview
- Incident Management and Incident Response Plans
- Business Impact Analysis
- Business Continuity Plan
- Disaster Recovery Plan
- Incident Classification/Categorization
- Incident Management Training, Testing and Evaluation
Part B: Incident Management Operations
- Incident Management Tools and Technologies
- Incident Investigation and Evaluation
- Incident Containment Methods
- Incident Response Communications
- Incident Eradication and Recovery
- Post-Incident Review Practices
Target Audience:
- Security Consultants and Managers
- IT Directors and Managers
- Security Auditors and Architects
- Security Systems Engineers
- Chief Information Security Officers (CISOs)
- Information Security Managers
- IS/IT Consultants
- Chief Compliance/Privacy/Risk Officers
Pre-Requisites:
Two Years:
- Certified Information Systems Auditor (CISA) in good standing
- Certified Information Systems Security Professional (CISSP) in good standing
- Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)
One Year:
- One full year of information systems management experience
- One full year of general security management experience
- Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
- Completion of an information security management program at an institution aligned with the Model Curriculum
Course Objectives:
- Information Security Governance
- Information Risk Management and Compliance
- Information Security Program Development and Management
- Information Security Incident Management