
CISM – Course Description
The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise's information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services.
CISM properly recognizes that security is first and foremost a management rather than a technical issue. CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and advice.
The course provides an intense environment in which participants can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. In the process the course provides outstanding preparation for the CISM exam.
Course Objectives
This course has been independently commissioned with two objectives:
1. To provide an environment in which security professionals can acquire, thoroughly and properly, the skills and knowledge expected of a world-class information security manager. Whether or not you intend to sit for the CISM exam, this course is a powerful way to equip yourself with the knowledge of the five core competencies that define the successful information security manager.
2. To maximize your prospects at the CISM exam if you choose to sit it.
Who Should Attend
The course is aimed at preparing candidates for the CISM® examination by providing them with the knowledge and understanding they require to pass the exam, as defined by ISACA. It is intended for roles such as:
- IT Systems Auditors
- Information Security Managers/Officers/Professionals
- Auditors involved in Information Security
- Financial and Operational Auditors
Course Structure
This 5-day course is structured to follow the CISM review manual and examination flow. A full day is provided for each of the core competencies and associated task and knowledge statements, thereby ensuring detailed and thorough coverage of all areas that will be tested. The fundamental thrust of the examination is on understanding the concepts, not on memorizing facts. As a result, the course will be presented in an interactive manner to ensure the underlying concepts are understood and examination questions can be analyzed properly to achieve the correct answer.
Pre-requisites and Prior Knowledge
This five-day review course will prepare candidates for the Certified Information Security Manager® exam. Registration for the CISM® exam must be completed through ISACA® International. Please visit the ISACA CISM® page for more information on the exam and certification.
Why you should take your CISM with Harmony Training
1. You'll be CISM certified in just 5 days. With us, you'll be CISM trained in record time.
2. Pass CISM first time or train again for free. This is our guarantee. We're sure you'll pass your CISM course first time. But if you don't, come back within a year and only pay for the exams. Everything else is free.
3. You'll learn more CISM. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Harmony Training you'll get up to 12 hours/day of quality learning time with your instructor.
4. You'll learn CISM faster. Chances are, you'll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily.
5. You'll be studying CISM with the best. The goal of our five-day CISM Certification Accelerated Course is to prepare information security managers, and those who have information security management responsibilities, to pass the Certified Information Security Manager (CISM) certification examination.
CISM – Course Content
1. Information Security Governance and Strategy
Introduction:
- Definition
- Objective
- Tasks
- Overview
Topics:
- Effective Information Security Governance
- Key Information Security Concepts and Issues
- The IS Manager
- Scope and Charter of Information Security Governance
- IS Governance Metrics
- Developing an IS Strategy – Common Pitfalls
- IS Strategy Objectives
- Determining Current State of Security
- Strategy Resources
- Strategy Constraints
- Action Plan Immediate Goals
- Action Plan Intermediate Goals
Practice Questions; Review of Practice Questions; Reference Materials and Glossary
2. Risk Management
Introduction:
- Definition
- Objective
- Tasks
- Overview
Topics:
- Effective Information Security Risk Management
- Integration into Life Cycle Processes
- Implementing Risk Management
- Risk Identification and Analysis Methods
- Mitigation Strategies and Prioritization
- Reporting Changes to Management
Practice Questions; Review of Practice Questions; Reference Materials and Glossary
3. Information Security Programme Management
Introduction:
- Definition
- Objective
- Tasks
- Overview
Topics:
- Planning
- Security Baselines
- Business Processes
- Infrastructure
- Malicious Code (Malware)
- Life Cycles
- Impact on End Users
- Accountability
- Security Metrics
- Managing Internal and External Resources
Practice Questions; Review of Practice Questions; Reference Materials and Glossary
4. Information Security Management
Introduction:
- Definition
- Objective
- Tasks
- Overview
Topics:
- Implementing Effective Information Security Management
- Security Controls and Policies
- Standards and Procedures
- Trading Partners and Service Providers
- Security Metrics and Monitoring
- The Change Management Process
- Vulnerability Assessments
- Due Diligence
- Resolution of Non-Compliance Issues
- Culture, Behavior and Security Awareness
Practice Questions; Review of Practice Questions; Reference Materials and Glossary
5. Response Management
Introduction:
- Definition
- Objective
- Tasks
- Overview
Topics:
- Performing a Business Impact Analysis
- Developing Response and Recovery Plans
- Incident Response Processes
- Executing Response and Recovery Plans
- Documenting Events
- Post Event Reviews