Certified Information Security Manager (CISM)
This course is intended to prepare delegates for the Certified Information Security Manager exam and exposes them to the job practices associated with this challenging role. It covers the key areas prescribed by the syllabus for the exam and discusses the concepts and process that someone performing this job would be expected to understand.
Book your virtual training
- Date
- Venue
- Cost
- More info
- Date and time to suit you
- VenueWe will train your team
wherever they are based - CostContact us for price
- Fill in the form and we'll be in touch
within a working day.
Book your place
- Date
- Venue
- Cost
- Availability
- Date04 Oct 2022
- VenueWorcester
- Cost£1,356
- AvailabilityAvailable
- Book Now
To give delegates a greater insight into the job practices and activities associated with the role of the Certified Information Security Manager and to prepare them for the associated exam.
Delegates wishing to enhance their understanding of information security and work towards the Certified Information Security Manager qualification.
Understand and use the four job practices:
- Governance setting
- Risk management
- Information security program management
- Information security incident management
- Staff that better understand the importance of information security in the business context
- Greater alignment of information security and business objectives
- Staff that are better equipped to prepare for and manage the range of security challenges that organisations face
- Better understanding of the role and activities related to information security management
- Preparation for the associated exam
- Role of the Certified Information Security Manager.
- Purpose of the job practices.
- Understand the following regarding governance:
- Purpose of information security governance.
- Understand its make up and how to achieve it.
- Purpose of the information security strategy.
- Understand the objectives, content and creation of the strategy.
- Understand the meaning, content and creation of policies, standards, procedures and guidelines.
- Development of business cases and gaining commitment from senior management for the information security program.
- Define governance metrics requirements, selection of them and their creation.
- Understand the following regarding governance:
- Recognise the importance of risk management in meeting business needs.
- Supporting the development of an information security program to align with business needs.
- Understand methods of identifying, prioritising and responding appropriately to risk.
- Evaluate and assess information security controls and assure fitness for purpose.
- Report effectively on the status of risks within the organisation.
- Understand the following regarding the management of security incidents:
- The lifecycle of information incident management: Identifying, analysing, managing and responding to unexpected negative information security events.
- Identify the components of an incident response plan.
- Evaluate the effectiveness of an incident response plan.
- Recognise the relationship between incident response, disaster recovery and business continuity planning.
Possessing and understanding of the core concepts and practices associated with Information Security is essential as this is not a beginners course in Information Security. Attending an introductory course such as Quanta's Cyber Matters, the CompTIA Security+, RESILIA Foundation or equivalents is strongly advised for those new to the sector prior to attending this course.
Familiarisation with the syllabus and the broader requirements is essential. Please see course prerequisites for more information regarding learning and courses that may be beneficial.
The exam needs to be booked independently by the delegate using the ISACA website.
Exam Length: 240 minutes
No. of Questions: 150
Pass is 450 from between 200 and 800 and is not a strict average or percentage.
Other requirements such as registering for the qualification, signing the code of ethics and meeting the ISACA requirements for the designation of CISM are also required over and above passing this exam.