Certified Information Security Manager (CISM) Exam Preparation
Virtual ClassroomLearning Style
4 DaysCourse Duration
About Individual Course:
About this course:
The challenge of protecting enterprise data is more difficult than ever. This official ISACA course provides you with in-depth coverage on the four CISM domains: security governance; risk management and compliance; security program development and management; and security incident management . This course is designed specifically for information security professionals who are preparing to take the CISM exam.
The average salary for Certified Information Security Manager is $116,155 per year.
After completing this course, students will be able to:
- Prepare for and pass the Certified Information Security Manager (CISM) exam
- Develop an information security strategy and plan of action to implement the strategy
- Manage and monitor information security risks
- Build and maintain an information security plan both internally and externally
- Implement policies and procedures to respond to and recover from disruptive and destructive information security events.
This course is intended for:
- Experienced information security managers and those who have information security management responsibilities, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.
- IT professionals must have at least 5 years of information security experience, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.
Suggested prerequisites courses:
Virtual Instructed-Led Outline
Information Security Governance
- Establish and maintain an information security strategy, and align the strategy with corporate governance
- Establish and maintain an information security governance framework
- Establish and maintain information security policies
- Develop a business case
- Identify internal and external influences to the organization
- Obtain management commitment
- Define roles and responsibilities
- Establish, monitor, evaluate, and report metrics
Information Risk Management and Compliance
- Establish a process for information asset classification and ownership
- Identify legal, regulatory, organizational, and other applicable requirements
- Ensure that risk assessments, vulnerability assessments, and threat analyses are conducted periodically
- Determine appropriate risk treatment options
- Evaluate information security controls
- Identify the gap between current and desired risk levels
- Integrate information risk management into business and IT processes
- Monitor existing risk
- Report noncompliance and other changes in information risk
Information Security Program Development and Management
- Establish and maintain the information security program
- Ensure alignment between the information security program and other business functions
- Identify, acquire, manage, and define requirements for internal and external resources
- Establish and maintain information security architectures
- Establish, communicate, and maintain organizational information security standards, procedures, and guidelines
- Establish and maintain a program for information security awareness and training
- Integrate information security requirements into organizational processes
- Integrate information security requirements into contracts and activities of third parties
- Establish, monitor, and periodically report program management and operational metrics
Information Security Incident Management
- Establish and maintain an organizational definition of, and severity hierarchy for, information security incidents
- Establish and maintain an incident response plan
- Develop and implement processes to ensure the timely identification of information security incidents
- Establish and maintain processes to investigate and document information security incidents
- Establish and maintain incident escalation and notification processes
- Organize, train, and equip teams to effectively respond to information security incidents
- Test and review the incident response plan periodically
- Establish and maintain communication plans and processes
- Conduct post-incident reviews
- Establish and maintain integration among the incident response plan, disaster recovery plan, and business continuity plan
|Learning Style||Virtual Classroom|
|Course Duration||4 Days|
Frequently Asked Questions About Virtual Instructor-Led Courses
I can't connect to my class, what are my options?
The link to the class is available upon logging in to your dashboard. If you are unable to see it, please contact our support team at 1-855-800-8240 and they will be happy to provide you the direct link via email or the dial in number.
I can't make it to attend to class. Can I reschedule?
Yes, you can reschedule your class. Please contact your Sales representative and they will arrange this for you. If you forgot his/her name, feel free to contact our support team at firstname.lastname@example.org or 1-855-800-8240.
Will I get my certificate upon completion?
Yes. Upon completion of the course, it will be available on your course as a Trophy Icon for you to download. If you do not see this, you will need to contact email@example.com with the following details so they can email you the certificate: Class Name, Class Date, Account Rep, and Your Email.
I cannot connect to my lab. Help!
Your Lab is accessible on the bottom part of your course. You will see a button that says "LAB". Just click it to launch the lab. Please note that some classes don’t need/require a LAB. You can verify with our support team by calling them at 1-855-800-8240 or by email at firstname.lastname@example.org. You can also check with your Instructor or the Associate Instructor if your class includes one.
What is my access code for Skillpipe?
A. Not all of the classes have or require Skillpipe. If your class includes one, please check your email as you should have received one from email@example.com. In case you do not find it in your inbox, please check the Spam / Junk folder. For any further assistance, you can call the support at 1-855-800-8240 or contact them via email at firstname.lastname@example.org.
I don't have audio. I can't hear the instructor.
Make sure you are using a compatible headset for your laptop or computer. If you don’t have a headset, you can use the built-in speaker of your laptop. Otherwise, you can use the dial in option by calling the dial in number provided in the class joining email. You may also contact support team for the dial in numbers associated for your training at 1-855-800-8240 or contact them via email at email@example.com.
How can I reach student support?
Support can be reach via phone at 1855-800-8240; via email at firstname.lastname@example.org or via chat support through the chat button on our website. Please note that support office hours will be from 8am-5pm CST Monday to Friday. Any concerns after office hours will be attended the following business day.
Have Questions? Ask Us.
Turn Training Into A Personalized Learning Experience
- Problem Solving through ExpertConnect & Peer-To-Peer Learning
- Find The Quickest Path To Learn With Career Paths
- Access All Courses With Master Subscription
- Manage Your Team With Learning Analytics
- Virtual Classroom Training & Self-Paced Learning
- Integrate With Your LMS Through API's