The Certified Information Security Manager (CISM)

Course Content

This course gives attendees the requisite skill sets to design, deploy and manage security architecture for their organisation. The course is aligned with ISACA best practices and is designed to help attendees pass the CISM exam.

After completing this course, the student will be able to:

  • Prepare for the Certified Information Security Manager (CISM) exam
  • Develop an information security strategy and plan of action to implement the strategy
  • Manage and monitor information security risks
  • Build and maintain an information security plan both internally and externally
  • Implement policies and procedures to respond to and recover from disruptive and destructive information security events

Course Duration

4 Days

Who is this course for?

The course is intended for professionals who have a minimum of 5 years of professional work experience in information systems, security and management.

Course Syllabus

    • Explain the need for and the desired outcomes of an effective information security strategy
    • Create an information security strategy aligned with organisational goals and objectives
    • Gain stakeholder support using business cases
    • Identify key roles and responsibilities needed to execute an action plan
    • Establish metrics to measure and monitor the performance of security governance
    • Explain the importance of risk management as a tool to meet business needs and develop a security management program to support these needs
    • Identify, rank, and respond to a risk in a way that is appropriate as defined by organisational directives
    • Assess the appropriateness and effectiveness of information security controls
    • Report information security risk effectively
    • Align information security program requirements with those of other business functions
    • Manage the information security program resources
    • Design and implement information security controls
    • Incorporate information security requirements into contracts, agreements and third-party management processes
    • Understand the concepts and practices of Incident Management
    • Identify the components of an Incident Response Plan and evaluate its effectiveness
    • Understand the key concepts of Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
    • Be familiar with techniques commonly used to test incident response capabilities