Certified Information Security Manager

Certified Information Security Manager


Duration: 4 days
Course Overview

Course Duration 4 days.

CISM - Certified Information Security Manager - The CISM certification is the primary certification for information security professionals who manage, design, oversee and/or assess an enterprise’s information security.

In comparison to other certifications, CISM covers a wide body of knowledge. It is therefore recommended by the sponsoring organization, ISACA, that those sitting for the CISM certification attend a training session.

We offers a most comprehensive CISM review course in 4 day boot camp format for those wishing to thoroughly prepare for the CISM exam. Every student attending the CISM Boot Camp progresses through a number of skill checks to ensure knowledge is retained. The instructors for the CISM Boot Camp are certified with the CISM designation. Our Exam Preparation workshops are specifically designed to cover the new material that will be on the 2012 exams 


Course Objectives
Upon the completion of our CISM Exam Prep, students will be familiar with the following concepts:
  • Information Security Governance
  • An information security steering group function
  • Legal and regulatory issues associated with Internet businesses, global transmissions and transborder data flows
  • Common insurance policies and imposed conditions
  • Information security process improvement
  • Recovery time objectives (RTO) for information resources
  • Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.
  • Security metrics design, development and implementation.
  • Information security management due diligence activities and reviews of the infrastructure.
  • Events affecting security baselines that may require risk reassessments
  • Changes to information security requirements in security plans, test plans and reperformance
  • Disaster recovery testing for infrastructure and critical business applications.
  • The requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, quality and completeness of evidence.
  • External vulnerability reporting sources
  • The key components of cost benefit analysis and enterprise migration plans
  • Privacy and tax laws and tariffs, data import/export restrictions, restrictions on cryptography, warranties, patents, copyrights, trade secrets, national security
  • CISM information classification methods
  • Life-cycle-based risk management principles and practices.
  • Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.
  • Security baselines and configuration management in the design and management of business applications and the infrastructure.
  • Acquisition management methods and techniques
  • Evaluation of vendor service level agreements, preparation of contracts)
  • CISM question and answer review
Course Content
Information Security Governance
  • Introduction
    • Definition
    • Objectives
    • Tasks
    • Overview
  • Topics
    • Effective Security Governance Overview
    • Effective In formation Security Governance
    • Key Information Security
    • Concepts and Technologies
    • Scope and Charter of IS Governance
    • IS Governance Metrics
    • IS Strategy Overview
    • Developing an IS Strategy – Common Pitfalls
    • IS Strategy Objectives
    • Determining Current State of Security
    • Information Security Strategy Development
    • Strategy Resources
    • Strategy Constraints
    • Action Plan to implement strategy
    • Action Plan Intermediate Goals
    • IS Program Objectives
Information Risk Management and Compliance
  • Introduction
    • Definition
    • Objective
    • Tasks
    • Overview
  • Topics
    • Risk Management Overview
    • Risk Management Strategy
    • Effective Information Security Risk Management
    • IS Risk Management Concepts
    • Implementing Risk Management
    • Risk Assessment and Analysis Methodologies
    • Risk assessment
    • Information Resource Valuation
    • Recovery Time Objectives
    • Integration with Life Cycle Processes
    • Security Control Baselines
    • Risk Monitoring and Communications
    • Training and Awareness
Information Security Programme Development and Management
  • Introduction
    • Definition
    • Objectives
    • Tasks
    • Overview
  • Topics
    • IS Program Management Overview
    • IS Program Management Objectives
    • IS Program Management Concepts
    • Scope and Charter of IS Program
    • The IS Management Framework
    • Defining an IS Program Roadmap
    • IS Infrastructure and Architecture
    • Architecture Implementation
    • Security Program Management and Administrative Activities
    • Security Program Services and Operational Activities
    • Controls and Countermeasures
    • Security Program Metrics and Monitoring
    • Common IS Program Challenges
Information Security Incident Management
  • Introduction
    • Definition
    • Objective
    • Tasks
    • Overview
  • Topics
    • Incident Management Overview
    • Incident Response Procedures
    • IS Manager
    • Incident Management Resources
    • Incident Management Objectives
    • Incident Management Metrics and Indicators
    • Defining Incident Management Procedures
    • Current State of Incident Response Capability
    • Developing an Incident Response Plan
    • Business Continuity and Disaster Recovery Procedures
    • Testing Incident Response and BC/DR Plans
    • Executing Response and Recovery Plans
    • Postincident Activities and Investigation
Course Certifications

This course is part of the following Certifications:

  • Five years of experience with audit, IT systems, and security of information systems; systems administration experience; familiarity with TCP/IP; and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course course.
Course ID:

Show Schedule for: