CISM - Course Content


1. Information Security Governance and Strategy


Introduction:

  • Definition
  • Objective
  • Tasks
  • Overview

Topics:

  • Effective Information Security Governance
  • Key Information Security Concepts and Issues
  • The IS Manager
  • Scope and Charter of Information Security Governance
  • IS Governance Metrics
  • Developing an IS Strategy – Common Pitfalls
  • IS Strategy Objectives
  • Determining Current State of Security
  • Strategy Resources
  • Strategy Constraints
  • Action Plan Immediate Goals
  • Action Plan Intermediate Goals

Practice Questions; Review of Practice Questions; Reference Materials and Glossary


2. Risk Management


Introduction:

  • Definition
  • Objective
  • Tasks
  • Overview

Topics:

  • Effective Information Security Risk Management
  • Integration into Life Cycle Processes
  • Implementing Risk Management
  • Risk Identification and Analysis Methods
  • Mitigation Strategies and Prioritisation
  • Reporting Changes to Management

Practice Questions; Review of Practice Questions; Reference Materials and Glossary


3. Information Security Programme Management


Introduction:

  • Definition
  • Objective
  • Tasks
  • Overview

Topics:

  • Planning
  • Security Baselines
  • Business Processes
  • Infrastructure
  • Malicious Code (Malware)
  • Life Cycles
  • Impact on End Users
  • Accountability
  • Security Metrics
  • Managing Internal and External Resources

Practice Questions; Review of Practice Questions; Reference Materials and Glossary


4. Information Security Management


Introduction:

  • Definition
  • Objective
  • Tasks
  • Overview

Topics:

  • Implementing Effective Information Security Management
  • Security Controls and Policies
  • Standards and Procedures
  • Trading Partners and Service Providers
  • Security Metrics and Monitoring
  • The Change Management Process
  • Vulnerability Assessments
  • Due Diligence
  • Resolution of Non-Compliance Issues
  • Culture, Behavior and Security Awareness

Practice Questions; Review of Practice Questions; Reference Materials and Glossary


5. Response Management


Introduction:

  • Definition
  • Objective
  • Tasks
  • Overview

Topics:

  • Performing a Business Impact Analysis
  • Developing Response and Recovery Plans
  • Incident Response Processes
  • Executing Response and Recovery Plans
  • Documenting Events
  • Post Event Reviews

Practice Questions; Review of Practice Questions; Reference Materials and Glossary

 

 
