DURATION: 5 days (~40 hours)
COURSE INTRODUCTION
In a world where enterprise success is increasingly dependent on information systems and information technology, the trust customers, clients, employees and other stakeholders have for an enterprise can quickly dissipate in the face of a data security breach. As the growing number of high-profile breaches demonstrates, information security failures can result in significant damage to an enterprise’s bottom line as well as its reputation. Demand for skilled information security management professionals continue to rise, and the uniquely management-focused CISM certification is the globally accepted standard of achievement in this area.
The CISM is an online preparation course that prepares learners to pass the CISM certification exam using proven instructional design techniques and interactive activities. The course covers all four of the CISM domains, and each section corresponds directly to the CISM job practice.
COURSE OBJECTIVE
After finish the course, student will have knowledge and skills to:
- Establish and/or maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives.
- Manage information risk to an acceptable level based on risk appetite to meet organizational goals and objectives.
- Develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning to information security strategy and business goals, thereby supporting an effective security posture.
- Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.
AUDIENCE
- Professionals preparing to become CISA certified
- Professionals preparing to become CISM certified
- CISA or CISSP-certified individuals looking to move into information security management
- General security management professionals looking to move into information security
- Information security managers
- Mid-level career change
COMPLETION CERTIFICATE
After finish the course, student will receive completion certificate issued by SmartPro.
COURSE CONTENT
Domain 1 – Information Security Governance
- Explain the need for and the desired outcomes of an effective information security strategy
- Create an information security strategy aligned with organizational goals and objectives
- Gain stakeholder support using business cases
- Identify key roles and responsibilities needed to execute an action plan
- Establish metrics to measure and monitor the performance of security governance
Domain 2 – Information Risk Management
- Explain the importance of risk management as a tool to meet business needs and develop a security management program to support these needs
- Identify, rank, and respond to a risk in a way that is appropriate as defined by organizational directives
- Assess the appropriateness and effectiveness of information security controls
- Report information security risk effectively
Domain 3 – Information Security Program Development and Management
- Align information security program requirements with those of other business functions
- Manage the information security program resources
- Design and implement information security controls
- Incorporate information security requirements into contracts, agreements and third-party management processes
Domain 4 – Information Security Incident Management
- Understand the concepts and practices of Incident Management
- Identify the components of an Incident Response Plan and evaluate its effectiveness
- Understand the key concepts of Business Continuity Planning, or BCP and Disaster Recovery Planning, or DRP
- Be familiar with techniques commonly used to test incident response capabilities
.png)
