Certified Information Security Manager (CISM)

Learn the key skills and areas for a Certified Information Security Manager and prepare for the exam component of this sought-after qualification.
Overview

This course is intended to prepare delegates for the Certified Information Security Manager exam and exposes them to the job practices associated with this challenging role. It covers the key areas prescribed by the syllabus for the exam and discusses the concepts and process that someone performing this job would be expected to understand.

Course Code
CISM4SEC
Duration
4 Days
Delivery Style
Classroom
Course Type
Public or Private
Max Delegates
12
Available as Nutshell
No

Book your virtual training

  • Date
  • Venue
  • Cost
  • More info

Book your place

Purpose of this course

To give delegates a greater insight into the job practices and activities associated with the role of the Certified Information Security Manager and to prepare them for the associated exam.

Who is this course for

Delegates wishing to enhance their understanding of information security and work towards the Certified Information Security Manager qualification.

You will learn how to

Understand and use the four job practices:

  • Governance setting
  • Risk management
  • Information security program management
  • Information security incident management
Benefits for your organisation
  • Staff that better understand the importance of information security in the business context
  • Greater alignment of information security and business objectives
  • Staff that are better equipped to prepare for and manage the range of security challenges that organisations face
Benefits for you as an individual
  • Better understanding of the role and activities related to information security management
  • Preparation for the associated exam
Introducing the Certified Information Security Manager
  • Role of the Certified Information Security Manager.
  • Purpose of the job practices.
Information Security Governance
  • Understand the following regarding governance:
    • Purpose of information security governance.
    • Understand its make up and how to achieve it.
    • Purpose of the information security strategy.
    • Understand the objectives, content and creation of the strategy.
    • Understand the meaning, content and creation of policies, standards, procedures and guidelines.
    • Development of business cases and gaining commitment from senior management for the information security program.
    • Define governance metrics requirements, selection of them and their creation.
Information Security Risk Management
  • Understand the following regarding governance:
    • Recognise the importance of risk management in meeting business needs.
    • Supporting the development of an information security program to align with business needs.
    • Understand methods of identifying, prioritising and responding appropriately to risk.
    • Evaluate and assess information security controls and assure fitness for purpose.
    • Report effectively on the status of risks within the organisation.
Managing Information Security Incidents
  • Understand the following regarding the management of security incidents:
    • The lifecycle of information incident management: Identifying, analysing, managing and responding to unexpected negative information security events.
    • Identify the components of an incident response plan.
    • Evaluate the effectiveness of an incident response plan.
    • Recognise the relationship between incident response, disaster recovery and business continuity planning.
Prerequisites

Possessing and understanding of the core concepts and practices associated with Information Security is essential as this is not a beginners course in Information Security. Attending an introductory course such as Quanta's Cyber Matters, the CompTIA Security+, RESILIA Foundation or equivalents is strongly advised for those new to the sector prior to attending this course.

Pre-course work required

Familiarisation with the syllabus and the broader requirements is essential. Please see course prerequisites for more information regarding learning and courses that may be beneficial.

More about the exam

The exam needs to be booked independently by the delegate using the ISACA website.

Exam Length: 240 minutes
No. of Questions: 150
Pass is 450 from between 200 and 800 and is not a strict average or percentage.

Other requirements such as registering for the qualification, signing the code of ethics and meeting the ISACA requirements for the designation of CISM are also required over and above passing this exam.

About the Lead Trainer

Adam has over 17 years’ experience in IT, training and consultation. He specialises in IT service management, knowing all things COBIT® and ITIL®. Adam always endeavours to put an innovative and engaging spin on his teaching and no two courses are ever the same.