A tanfolyamról
This CISM® (Certified Information Security Manager®) certification validates your expertise in four information security domains: information security governance, information risk management, information security program development and management, and information security incident management.
CISM® is a designation provided by ISACA® (previously known as the Information Systems Audit and Control Association®). Embark on a transformative journey with our CISM training program, meticulously designed to equip you with the skills and knowledge needed for success in senior roles in IT security and control.
To achieve the CISM certification, one needs to:
Pass the CISM Exam:
The exam format of the CISM exam is as follows:
- The CISM exam can be conducted online or in-person
- Number of Questions: 200 questions
- Type of Questions: Multiple-Choice
- Grading Range: 200 to 800
- Qualifying Mark: 450 (similar to SAT).
- If you don't qualify the first time, you can reapply up to four times yearly.
Have 5 years’ experience in Information Security Management: CISM exam covers four job practice domains in Information Security Management:
- Domain 1: Information Security Governance (17%)
- Domain 2: Information Security Risk Management (20%)
- Domain 3: Information Security Program (33%)
- Domain 4: Incident Management (30%)
Candidates are required to have experience within 10 years of application within at least three out of these four domains. Enrolling into structured CISM classes is a great way to build your knowledge and expertise across all four domains.
Verification of Work Experience: A minimum of 3 years of experience is required in three of the four CISM job practice areas. There are a few waivers and substitutions. For complete details, refer CISM requirements on ISACA.
Allowance of Five Years from Passing Exam: Candidates would need to acquire five years of relevant experience in at least three of the four job practice domains within five years of passing the exam, in order to be eligible to apply for the CISM certification training course.
Enrolling into a well-structured and credible Certified Information Security Manager training program equips you with the step-by-step guidance to prepare for the CISM exam and obtain the CISM certification.
The CISM certification is valid for a period of three years. It can be renewed by accumulating a minimum of 20 CPEs each year and 120 CPEs over the period of three years.
Learning Objectives
-
Governance
Learn how to maintain an information security strategy in alignment with organizational goals. -
Risk Management
Facilitate the integration of information risk management into business and IT processes. -
Program Development
Understand how to align the information security program with other business functions. -
Incident Management
Learn how to detect, investigate, respond to, and recover from information security incidents. -
Security Strategy
Learn to define, communicate, and monitor information security responsibilities throughout the organization. -
Technologies and Trends
Ace current and emerging information security technologies and underlying concepts.
Who This Course is For?
- Security Managers
- Security Consultants
- Information Systems Analysts
- IT Auditors
- Compliance Officers
- Governance Specialists
- Risk Management Professionals
We provide the course in English.
Tematika
Curriculum
1. Information Security Governance
Learning Objectives
Learn to maintain an information security governance framework to ensure that the information security strategy is aligned with organizational goals and objectives.
Topics
- Explain the need for and the desired outcomes of an effective information security strategy
- Create an information security strategy aligned with organizational goals and objectives
- Gain stakeholder support using business cases
- Identify key roles and responsibilities needed to execute an action plan
- Establish metrics to measure and monitor the performance of security governance
2. Information Risk Management
Learning Objectives
Learn how to manage information risk to an acceptable level based on risk appetite to meet organizational goals and objectives.
Topics
- Explain the importance of risk management as a tool to meet business needs and develop a security management program to support these needs
- Identify, rank, and respond to a risk in a way that is appropriate as defined by organizational directives
- Assess the appropriateness and effectiveness of information security controls
- Report information security risk effectively
3. Information Security Program Development and Management
Learning Objectives
Learn to develop and maintain an information security program that identifies, manages, and protects the organization’s assets while aligning to information security goals.
Topics
- Align information security program requirements with those of other business functions
- Manage the information security program resources
- Design and implement information security controls
- Incorporate information security requirements into contracts, agreements, and third-party management processes
4. Information Security Incident Management
Learning Objectives
Build the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.
Topics
- Understand the concepts and practices of Incident Management
- Identify the components of an Incident Response Plan and evaluate its effectiveness
- Understand the key concepts of Business Continuity Planning, or BCP and Disaster Recovery Planning, or DRP
- Be familiar with techniques commonly used to test incident response capabilities
Kinek ajánljuk
Előfeltételek
Prerequisites
There are no prerequisites to attend the CISM training program and take the exam. To obtain the CISM certification, however, the following apply:
- Minimum 5 years of professional information security management experience (within two years of the exam).
- Work experience must cover at least three of the four domains.
- Employer(s) verification required for work experience.