Certified Information Security Manager (CISM)



Certified Information Security Manager (CISM) – Skilled information security management professionals are in demand, and well paid, so if you hope to gain employment in this field, now is the time to do it. This course will be your complete guide, and is a uniquely management-focused look at information security management, which will help you get the job you want.

Learning with Study 365 has many advantages. The course material is delivered straight to you and can be adapted to fit in with your lifestyle. It is created by experts within the industry, meaning you are receiving accurate information, which is up-to-date and easy to understand.

The Certified Information Security Manager (CISM) course comprises professionally narrated e-Learning modules, interactive quizzes, tests, and exams, all delivered through a system that you will have access to 24 hours a day, 7 days a week for 365 days (12 months).

Course Description:

This online training course is comprehensive and designed to cover the key topics listed under the curriculum.

Course Duration:

You will have 12 months' access to your online study platform from the date you purchased the course. The course is self-paced, so you decide how fast or slow the training goes. You can complete the course in stages, revisiting the training at any time.

Method of Assessment:

At the end of the course, learners will take an online multiple-choice question assessment test (please be aware, this is not the official exam). The online test is marked straight away, so you will know immediately if you have passed the course.

Certification:

Successful candidates will be awarded a certificate for Certified Information Security Manager (CISM).

(This course does not include the official certificate.)

Entry Requirement:

Learners must be age 16 or over and should have a basic understanding of the English Language, numeracy, literacy, and ICT.

Career Path:

This training course will lead you to become a:

  • IT Risk Manager
  • Information Security Manager
  • Network Security Specialist
  • IT Security Officer
  • Cyber Security Manager
  • IT Security Incident Manager

Course Curriculum

Free Introduction
Certified Information Security Manager (CISM) FREE
Course brochure – Certified Information Security Manager (CISM) FREE
1: Information Security Governance
1. CISM Introduction
2. Information Security
3. Business Goals, Objectives, and Functions
4. Business Goals and Information Security
5. Information Security Threats
6. Information Security Management
7. Identity Management
8. Data Protection
9. Network Security
10. Personnel Security
11. Facility Security
12. Security Compliance and Standards
13. Information Security Strategy
14. Inputs and Outputs of the Information Security Strategy
15. Processes in an Information Security Strategy
16. People in an Information Security Strategy
17. Technologies in an Information Security Strategy
18. Logical and Physical Information Security Strategy Architectures
19. Information Security and Business Functions
20. Information Security Policies and Enterprise Objectives
21. International Standards for Security Management
22. ISO/IEC 27000 Standards
23. International Info Government Standards
24. Information Security Government Standards in the United States
25. Methods of Coordinating Information Security Activities
26. How to Develop an Information Security Strategy
27. Information Security Governance
28. Role of Security in Governance
29. Scope of Information Security Governance
30. Charter of Information Security Governance
31. Information Security Governance and Enterprise Governance
32. How to Align Information Security Strategy with Corporate Governance
33. Regulatory Requirements and Information Security
34. Business Impact of Regulatory Requirements
35. Liability Management
36. Liability Management Strategies
37. How to Identify Legal and Regulatory Requirements
38. Business Case Development
39. Budgetary Reporting Methods
40. Budgetary Planning Strategy
41. How to Justify Investment in Info Security
42. Organizational Drivers
43. Impact of Drivers on Info Security
44. Third Party Relationships
45. How to Identify Drivers Affecting the Organization
46. Purpose of Obtaining Commitment to Info Security
47. Methods for Obtaining Commitment
48. ISSG
49. ISSG Roles and Responsibilities
50. ISSG Operation
51. How to Obtain Senior Management’s Commitment to Info Security
52. Info Security Management Roles and Responsibilities
53. How to Define Roles and Responsibilities for Info Security
54. The Need for Reporting and Communicating
55. Methods for Reporting in an Organization
56. Methods of Communication in an Organization
57. How to Establish Reporting and Communicating Channels
2: Risk Management
1. Risk
2. Risk Assessment
3. Info Threat Types
4. Info Vulnerabilities
5. Common Points of Exposure
6. Info Security Controls
7. Types of Info Security Controls
8. Common Info Security Countermeasures
9. Overview of the Risk Assessment Process
10. Factors Used in Risk Assessment and Analysis
11. Risk Assessment Methodologies
12. Quantitative Risk Assessment – Part 1-2
13. Qualitative Risk Assessment
14. Hybrid Risk Assessment
15. Best Practices for Info Security Management
16. Gap Analysis
17. How to Implement an Info Risk Assessment Process
18. Info Classification Schemas
19. Components of Info Classification Schemas
20. Info Ownership Schemas
21. Components of Info Ownership Schemas
22. Info Resource Valuation
23. Valuation Methodologies
24. How to Determine Info Asset Classification and Ownership
25. Baseline Modeling
26. Control Requirements
27. Baseline Modeling and Risk Based Assessment of Control Requirements
28. How to Conduct Ongoing Threat and Vulnerability Evaluations
29. BIA’s
30. BIA Methods
31. Factors for Determining Info Resource Sensitivity and Criticality
32. Impact of Adverse Events
33. How to Conduct Periodic BIA’s
34. Methods for Measuring Effectiveness of Controls and Countermeasures
35. Risk Mitigation
36. Risk Mitigation Strategies
37. Effect of Implementing Risk Mitigation Strategies
38. Acceptable Levels of Risk
39. Cost Benefit Analysis
40. How to Identify and Evaluate Risk Mitigation Strategies
41. Life Cycle Processes
42. Life Cycle-Based Risk Management
43. Risk Management Life Cycle
44. Business Life Cycle Processes Affected by Risk Management
45. Life Cycle-Based Risk Management Principles and Practices
46. How to Integrate Risk Management Into Business Life Cycle Processes
47. Significant Changes
48. Risk Management Process
49. Risk Reporting Methods
50. Components of Risk Reports
51. How to Report Changes in Info Risk
3: Information Security Program
1. Info Security Strategies
2. Common Info Security Strategies
3. Info Security Implementation Plans
4. Conversion of Strategies Into Implementation Plans
5. Info Security Programs
6. Info Security Program Maintenance
7. Methods for Maintaining an Info Security Program
8. Succession Planning
9. Allocation of Jobs
10. Program Documentation
11. How to Develop Plans to Implement an Info Security Strategy
12. Security Technologies and Controls
13. Cryptographic Techniques
14. Symmetric Cryptography
15. Public Key Cryptography
16. Hashes
17. Access Control
18. Access Control Categories
19. Physical Access Controls
20. Technical Access Controls
21. Administrative Access Controls
22. Monitoring Tools
23. IDS’s
24. Anti-Virus Systems
25. Policy-Compliance Systems
26. Common Activities Required in Info Security Programs
27. Prerequisites for Implementing the Program
28. Implementation Plan Management
29. Types of Security Controls
30. Info Security Controls Development
31. How to Specify Info Security Program Activities
32. Business Assurance Function
33. Common Business Assurance Functions
34. Methods for Aligning Info Security Programs with Business Assurance Functions
35. How to Coordinate Info Security Programs with Business Assurance Functions
36. SLA’s
37. Internal Resources
38. External Resources
39. Services Provided by External Resources – Part 1-2
40. Skills Commonly Required for Info Security Program Implementation
41. Identification of Resources and Skills Required for a Particular Implementation
42. Resource Acquisition Methods
43. Skills Acquisition Methods
44. How to Identify Resources Needed for Info Security Program Implementation
45. Info Security Architectures
46. The SABSA Model for Security Architecture
47. Deployment Considerations
48. Deployment of Info Security Architectures
49. How to Develop Info Security Architecture
50. Info Security Policies
51. Components of Info Security Policies
52. Info Security Policies and the Info Security Strategy
53. Info Security Policies and Enterprise Business Objectives
54. Info Security Policy Development Factors
55. Methods for Communicating Info Security Policies
56. Info Security Policy Maintenance
57. How to Develop Info Security Policies
58. Info Security Awareness Program, Training Programs, and Education Programs
59. Security Awareness, Training, and Education Gap Analysis
60. Methods for Closing the Security Awareness, Training, and Education Gaps
61. Security-Based Cultures and Behaviors
62. Methods for Establishing and Maintaining a Security-Based Culture in the Enterprise
63. How to Develop Info Security Awareness, Training, and Education Programs
64. Supporting Documentation for Info Security Policies
65. Standards, Procedures, Guidelines, and Baselines
66. Codes of Conduct
67. NDA’s
68. Methods for Developing Supporting Documentation
69. Methods for Implementing Supporting Documentation and for Communicating Supporting Documentation
70. Methods for Maintaining Supporting Documentation
71. C and A
72. C and A Programs
73. How to Develop Supporting Documentation for Info Security Policies
4: Information Security Program Implementation
1. Enterprise Business Objectives
2. Integrating Enterprise Business Objectives & Info Security Policies
3. Organizational Processes
4. Change Control
5. Mergers & Acquisitions
6. Organizational Processes & Info Security Policies
7. Methods for Integrating Info Security Policies & Organizational Processes
8. Life Cycle Methodologies
9. Types of Life Cycle Methodologies
10. How to Integrate Info Security Requirements Into Organizational Processes
11. Types of Contracts Affected by Info Security Programs
12. Joint Ventures
13. Outsourced Providers & Info Security
14. Business Partners & Info Security
15. Customers & Info Security
16. Third Party & Info Security
17. Risk Management
18. Risk Management Methods & Techniques for Third Parties
19. SLA’s & Info Security
20. Contracts & Info Security
21. Due Diligence & Info Security
22. Suppliers & Info Security
23. Subcontractors & Info Security
24. How to Integrate Info Security Controls Into Contracts
25. Info Security Metrics
26. Types of Metrics Commonly Used for Info Security
27. Metric Design, Development & Implementation
28. Goals of Evaluating Info Security Controls
29. Methods of Evaluating Info Security Controls
30. Vulnerability Testing
31. Types of Vulnerability Testing
32. Effects of Vulnerability Assessment & Testing
33. Vulnerability Correction
34. Commercial Assessment Tools
35. Goals of Tracking Info Security Awareness, Training, & Education Programs
36. Methods for Tracking Info Security Awareness, Training, & Education Programs
37. Evaluation of Training Effectiveness & Relevance
38. How to Create Info Security Program Evaluation Metrics
5: Information Security Program Management
1. Management Metrics
2. Types of Management Metrics
3. Data Collection
4. Periodic Reviews
5. Monitoring Approaches
6. KPI’s
7. Types of Measurements
8. Other Measurements
9. Info Security Reviews
10. The Role of Assurance Providers
11. Comparing Internal and External Assurance Providers
12. Line Management Technique
13. Budgeting
14. Staff Management
15. Facilities
16. How to Manage Info Security Program Resources
17. Security Policies
18. Security Policy Components
19. Implementation of Info Security Policies
20. Administrative Processes and Procedures
21. Access Control Types
22. ACM
23. Access Security Policy Principles
24. Identity Management and Compliance
25. Authentication Factors
26. Remote Access
27. User Registration
28. Procurement
29. How to Enforce Policy and Standards Compliance
30. Types of Third Party Relationships
31. Methods for Managing Info Security Regarding Third Parties
32. Security Service Providers
33. Third Party Contract Provisions
34. Methods to Define Security Requirements in SLA’s, Security Provisions and SLA’s, and Methods to Monitor Security
35. How to Enforce Contractual Info Security Controls
36. SDLC
37. Code Development
38. Common Techniques for Security Enforcement
39. How to Enforce Info Security During Systems Development
40. Maintenance
41. Methods of Monitoring Security Activities
42. Impact of Change and Configuration Management Activities
43. How to Maintain Info Security Within an Organization
44. Due Diligence Activities
45. Types of Due Diligence Activities
46. Reviews of Info Access
47. Standards of Managing and Controlling Info Access
48. How to Provide Info Security Advice and Guidance
49. Info Security Awareness
50. Types of Info Security Stakeholders
51. Methods of Stakeholder Education
52. Security Stakeholder Education Process
53. How to Provide Info Security Awareness and Training
54. Methods of Testing the Effectiveness of Info Security Control
55. The Penetration Testing Process
56. Types of Penetration Testing
57. Password Cracking
58. Social Engineering Attacks
59. Social Engineering Types
60. External Vulnerability Reporting Sources
61. Regulatory Reporting Requirements
62. Internal Reporting Requirements
63. How to Analyze the Effectiveness of Info Security Controls
64. Noncompliance Issues
65. Security Baselines
66. Events Affecting the Security Baseline
67. Info Security Problem Management Process
68. How to Resolve Noncompliance Issues
6: Incident Management and Response
1. Incident Response Capability
2. Components of Incident Response
3. BCP
4. BIA Phase
5. COOP
6. DRP
7. Alternate Sites
8. Develop a BCP
9. Develop a DRP
10. MTD
11. RPO
12. RTO
13. Data Backup Strategies
14. Data Backup Types
15. Data Restoration Strategies
16. Info Incident Management Practices
17. IRP
18. Trigger Events and Types of Trigger Events
19. Methods of Containing Damage
20. How to Develop an IRP
21. Escalation Process
22. Notification Process
23. IRT
24. Crisis Communication
25. How to Establish an Escalation Process
26. Internal Reporting Requirements
27. External Reporting Requirements
28. Communication Process
29. How to Develop a Communication Process
30. IRP and DRP
31. IRP and BCP
32. Methods of Identifying Business Resources Essential to Recovery
33. How to Integrate an IRP
34. Role of Primary IRT Members and Role of Additional IRT Members
35. Response Team Tools and Equipment
36. How to Develop IRT’s
37. BCP Testing
38. Disaster Recovery Testing
39. Schedule Disaster Recovery Testing
40. Refine IRP
41. How to Test an IRP
42. Damage Assessment
43. Business Impacts Caused by Security Incidents
44. How to Manage Responses to Info Security Incidents
45. Computer and Digital Forensics
46. Forensic Requirements for Responding to Info Security Incidents
47. Evidence Life Cycle
48. Evidence Collection
49. Evidence Types
50. Five Common Rules of Evidence
51. Chain of Custody
52. How to Investigate an Info Security Incident
53. PIR Methods
54. Security Incident Review Process
55. Investigate Cause of a Security Incident
56. Identify Corrective Actions
57. Reassess Security Risks After a Security Incident
58. How to Conduct a Post-Incident Review
59. Outro – Pre Test/Test Strategy
60. Post Test
