CISM Certification Curriculum Outline
Information Security Governance: Overview
Overview/Description
Information security governance is a major part of the job role of an information security manager. The goal of information security governance is to establish and maintain a framework to provide assurance that information security strategies are aligned with the business objectives and consistent with applicable laws and regulations. This course looks at the role of information security governance in an organization, the need for senior management support for all policies and procedures that are put in place, the actual role of the information security manager, and the core principles and metrics that are used as part of this process. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Governance: Overview
sp_cism_a01_it_enus
Back to List
Information Security Governance: Strategies and Goals
Overview/Description
Many companies realize that their information security is not in the state that it should be. As an information security manager, it will be your role to guide your organization to where information-related risks are controlled and sound information security processes are being followed by each and every employee. In order to move a company from a current state, to a desired state, there are many steps that must be taken. This course examines what an information security strategy is, frameworks and models you can use to build your strategy, who the strategy participants are, and constraints that may stand in your way. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Governance: Strategies and Goals
sp_cism_a02_it_enus
Back to List
Information Security Governance: Developing an Action Plan
Overview/Description
In order for information security governance to succeed, there must be an action plan put into place to lay the groundwork for success. This course examines the assets, departments, resources, and people that play a role in bringing an action plan to life. This course will also examine the components and constraints of an action plan, along with providing a sample information security strategy to bring it all together. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Governance: Developing an Action Plan
sp_cism_a03_it_enus
Back to List
Information Risk Management: Program Framework and Risk Assessment
Overview/Description
Information risk management is a pivotal part of the role of an information security manager. This course will provide an overview of information risk management, as well as examine the elements that come into play when creating an information risk management plan and the frameworks and methodologies that are used. This course also examines risk assessment, with special attention to methods of risk identification, risk analysis, and the calculations used for risk impact analysis. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Risk Management: Program Framework and Risk Assessment
sp_cism_a04_it_enus
Back to List
Information Risk Management: Analysis, Mitigation, and Monitoring
Overview/Description
Analysis, mitigation, and monitoring play an extremely important role in information risk management. This course examines how to properly classify and valuate information assets, perform a business impact analysis, and the principles of disaster recovery. You will learn about the options available to deal with risk, effective controls, and ways to ensure your risk management program is integrated into your organizations other life-cycle processes. You will also examine the many responsibilities of an information security manager related to risk monitoring and reporting. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security.
Expected Duration (hours)
2.0
Lesson Objectives
Information Risk Management: Analysis, Mitigation, and Monitoring
sp_cism_a05_it_enus
Back to List
Information Security Program Development: Introduction and Roadmap
Overview/Description
An information security program is the foundation of an information security managers daily work. This course examines how to prepare your security program, analyzes the outcomes and challenges, and outlines the responsibilities of executive management and the information security manager. This course also looks at the development of an information security roadmap, and the elements that need to be put in place to make the roadmap functional. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Program Development: Introduction and Roadmap
sp_cism_a06_it_enus
Back to List
Information Security Program Development: Resources
Overview/Description
As an information security manager, one of your primary responsibilities will be to manage and leverage company and external resources needed to make your projects succeed. This course examines information security infrastructures and architectures and the industry models that can be used as a basis for them. This course also examines controls and countermeasures that can be used to detect, prevent, and protect company resources. It examines the roles of individuals in an information security program, and looks at how documentation is kept at all levels while creating the information security program. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Program Development: Resources
sp_cism_a07_it_enus
Back to List
Information Security Program Development: Metrics and Implementation
Overview/Description
The implementation of an information security program can be time consuming but, if done properly, it will ensure that your company is able to meet its security objectives. This course examines the elements necessary for implementing and measuring the success of an information security program, assuming you have created a sound strategy and the resources necessary for program implementation are in place. This course looks at policy and standards compliance, training and education, controls, life cycle integration, monitoring and communication, and the documentation that should be done at all stages of program implementation and monitoring. This course also examines what metrics are, how they should be used, and the types of metrics that play a role in monitoring an information security program. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Program Development: Metrics and Implementation
sp_cism_a08_it_enus
Back to List
Information Security Program Management: Introduction and Framework
Overview/Description
As an information security manager, it is your job to make sure that the program for information security management that is put in place is effective, cost-efficient, and most importantly, that it meets the business needs of the organization. This course examines what information security management is, how it is used, and the common challenges that an information security manager faces while trying to establish the program. This course also examines the roles and responsibilities of the individuals in the organization regarding the program, with special attention to the role of upper management and the commitment they must have towards the plan. Finally this course looks at components of the information security framework and metrics used to measure the effectiveness of the program. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security.
Expected Duration (hours)
2.0
Lesson Objectives
Information Security Program Management: Introduction and Framework
sp_cism_a09_it_enus
Back to List
Information Security Program Management: Resources and Implementation
Overview/Description
Once there is an information security program framework in place, the next step for an information security manager is to catalog the resources on hand, and to assemble the resources that are still required in order to implement the information security program. This course examines the policies, controls, and metrics used to make the program function efficiently, and the analyses that will be used to monitor the program on an ongoing basis. This course also examines the technologies, skills, and outside support that the information security program will use. This course will show you how to evaluate the current state of the program and actions to take to properly manage information security. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security.
Expected Duration (hours)
2.5
Lesson Objectives
Information Security Program Management: Resources and Implementation
sp_cism_a10_it_enus
Back to List
Incident Management and Response: Introduction and Resources
Overview/Description
Managing incidents, and the response that is put forward by an organization falls directly under the duties of a CISM. Organizations must have a plan in place, and must know the steps they will take to deal with incidents when they occur. This course examines what incident management is, how responses are prepared, and concepts and technologies that are used when dealing with incidents. This course also looks at the principles, importance of, and outcomes of incident management and how the information security manager, with the approval of senior management, prepares the people and the resources of the organization to deal with incidents when they occur. Finally, this course explains the steps for conducting a business impact analysis as technique used in effective incident management. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security.
Expected Duration (hours)
2.5
Lesson Objectives
Incident Management and Response: Introduction and Resources
sp_cism_a11_it_enus
Back to List
Incident Management and Response: Planning and Testing
Overview/Description
Preparing incident response and recovery plans is a very important part of a CISMs role. This course examines how to identify the current state of incident response capability, identifies the elements of incident response and recovery plans, and discusses principles for effectively managing the plans. This course also examines the importance of testing, documentation, and how to physically prepare recovery sites and related offsite resources. This course prepares you for the Certified Information Security Manager (CISM) exam.
Target Audience
Experienced IT security professionals seeking to pass the Certified Information Security Manager (CISM) exam, or otherwise gain knowledge in managing, designing, and overseeing an enterprises information security
Expected Duration (hours)
2.0
Lesson Objectives
Incident Management and Response: Planning and Testing
sp_cism_a12_it_enus
Back to List
Certified Information Security Manager (CISM)
With Internet Security standing out as one of the highest growing and in demand professions, it is important to take your experience
in the information security field and get it recognized through a CISM Certification. If you have at least five years of experience
in information security, including a minimum of three years in information security management, then the CISM certification is right
for you.
The CISM certification is recognized worldwide as the foremost credential within its field, and it shows that an individual has the experience and the know how to properly monitor a companies IT security and integrate it into corporate goals and broader business objectives. Many leading corporations and government agencies are now requiring their high ranking information officers and security staff to posses and maintain a CISM Certification. The CISM course will provide you with the information you need in order to pass the CISM Certification Exam – giving you the proof on paper that you can manage and develop a security information program and allowing you to advance further in the information security field.
Benefits of CBT Direct’s Online Certified Information Security Manager (CISM) Certification Training
CBT Direct boasts the most beneficial online certification training on the market. With online training, you have the flexibility to study on your schedule, and with the speed and reliability of the internet, CBT Direct’s Certified Information Security Manager (CISM) training course is accessible anywhere you have an internet connection. Convenience finally costs less with CBT Direct – the most affordable online training solution today.
The unique design of CBT Direct’s Certified Information Security Manager (CISM) certification course incorporates a proven four-step learning process: presentation, demonstration, guidance and independent practice. This four-step proven learning model for CBT Direct’s Certified Information Security Manager (CISM) training course ensures the greatest level of retention to prepare you for your Certified Information Security Manager (CISM) certification exam.
CBT Direct also offers online mentoring for over 100 current major certification exams, including Certified Information
Security Manager (CISM), for IT professionals and end-users alike. CBT Direct’s mentors have a minimum of 20 certifications
each and are available 24/7*.
* Available for most courses.
Who Benefits from CBT Direct’s Certified Information Security Manager (CISM) Training?
The CISM was created for individuals that are already working within information security management and/or have information management duties such as: managing, designing, and/or building programs used for information security purposes.
What Professionals Will Learn from CBT Direct’s Certified Information Security Manager (CISM) Training
Certified Information Security Manager (CISM) Certification Exam:
The job practice, meaning the information and experience required to earn a CISM Certification, consists of five content areas
(or domains); Information Security Governance, Information Risk Management, Information Security Program Development and Management,
and Incident Management and Response. These content areas will cover everything from designing, implementing and maintaining
information security strategies to being cost effective and reporting potential security breaches and their possible impact.
Click here to see a detailed curriculum outline.
Exam#
Certification
Certified Mentoring
Hours
Hours
24x7
Mon-Fri
(9-5 EST)
(9-5 EST)
Tier 3
TestPrep
| CISM | Certified Information Security Manager (CISM) | ü | ü |
CISM Prerequisites
To earn the CISM designation, candidates are required to:
- Successfully pass the CISM exam.
- Adhere to ISACA's Code of Professional Ethics.
- Agree to comply with the Continuing Education Policy.
- Minimum 5 years of work experience in the field of information security,
with 3 years of management experience within the same field. - Submit an Application (after passing the exam) for CISM Certification.
Click Here for ISACA CISM Facts.
ISACA CISM Certification Exam
