Certified Information Security Manager (CISM)
The ISACA uniquely management-focused Certified Information Security Manager (CISM) certification promotes international security practices and recognizes the individual who manages designs, and oversees and assesses an enterprise’s information security. CISM is an advanced certification that provides validation for individuals who have demonstrated they possess the knowledge and experience required to develop and manage an enterprise information security program.
CISM Course Content:
Module 1 – Information Security Governance
Attendees will understand the broad requirements for effective information security governance, the elements and actions required to develop an information security strategy, and be able to formulate a plan of action to implement this strategy.
- Establish and maintain an information security strategy and align the strategy with corporate governance
- Establish and maintain an information security governance framework
- Establish and maintain information security policies
- Develop a business case
- Identify internal and external influences to the organization
- Obtain management commitment
- Define roles and responsibilities
- Establish, monitor, evaluate and report metrics
Module 2 – Information Risk Management and Compliance
Students will be able to manage information security risks.
- Establish a process for information asset classification and ownership
- Identify legal, regulatory, organizational and other applicable requirements
- Ensure that risk assessments, vulnerability assessments and threat analyses are conducted periodically.
- Determine appropriate risk treatment options.
- Evaluate information security controls
- Identify the gap between current and desired risk levels
- Integrate information risk management into business and IT processes
- Monitor existing risk.
- Report noncompliance and other changes in information risk
Module 3 – Information Security Program Development and Management
Students will be able to develop and manage an information security plan.
- Establish and maintain the information security program
- Ensure alignment between the information security program and other business functions
- Identify, acquire, manage and define requirements for internal and external resources
- Establish and maintain information security architectures
- Establish, communicate and maintain organizational information security standards, procedures, guidelines
- Establish and maintain a program for information security awareness and training
- Integrate information security requirements into organizational processes
- Integrate information security requirements into contracts and activities of third parties
- Establish, monitor and periodically report program management and operational metrics
Module 4 – Information Security Incident Management
Students will effectively manage information security within an enterprise and develop policies and procedures to respond to and recover from disruptive and destructive information security events.
- Establish and maintain an organizational definition of, and severity hierarchy for, information security incidents
- Establish and maintain an incident response plan
- Develop and implement processes to ensure the timely identification of information security incidents
- Establish and maintain processes to investigate and document information security incidents
- Establish and maintain incident escalation and notification processes
- Organize, train and equip teams to effectively respond to information security incidents
- Test and review the incident response plan periodically
- Establish and maintain communication plans and processes
- Conduct post-incident reviews
- Establish and maintain integration among the incident response plan, disaster recovery plan and business continuity plan
The certification intended for information security managers, aspiring managers or IT consultants who support information security program management.
ISACA CISM Exam Fee : $465 for Members and $595 for Non-Members
Training Track : Certified Information Security Manager (CISM)
Duration : Two Month Regular Program | 4 Days Fast-Track
Flexible Class Options
- Morning | Evening Classes | Workshops | Fast-Track
- Week End Classes For Professionals SAT | SUN
- Online Classes – Live Virtual Class (L.V.C), Online Training
Exam Registration & Administration
To provide you with an immediate response to your inquiry, we are using this automated response that addresses the most frequently asked questions (FAQs) we are receiving at this time. We hope that your question is answered below, and if so, you will not be receiving a further response from ISACA. If not, your inquiry will be answered as quickly as possible.
CISM Frequently Asked Questions
- When will I receive my exam results?
- How is the exam scored?
- How do I provide comments on testing conditions?
- When is the next exam administration?
- When does registration begin for the 2017 exams?
- What are the exam deadlines?
- Can I take the CISA, CISM, CGEIT and CRISC exams in the same exam window?
- When can I schedule my 2017 exams?
- Where can I find the locations for the 2017 exams?
- Where can I find CISA/CISM/CGEIT/CRISC applications for certification?
- What are the requirements for CISA/CISM/CGEIT/CRISC certification?
- Ethical Hacking Certification-312-50 (ECC EXAM)