Certified Information Security Manager (CISM)

Course details

The CISM course is designed to teach professionals international security practices and expertise to manage designs, administer and assess IT security for organizations of every size and scale.

• Here you learn to build core competencies in maintaining and completely owning the security aspect of your organization's IT.
• Students develop critical thinking skills and sound judgment to perform tasks required to achieve CISM certification.
• The course focusses on giving knowledge to professionals with Information Security Governance covering creation of security policies, strategies and business cases.
• Understand what standards and frameworks are needed as best practice in meeting compliance.
• This will align the strategies with the business goals. Furthermore, it makes an individual understand the importance of Risk Management process along with how to develop and maintain an Information security program.
• He learns different ways to identify and respond to risks with asset classification.
• How to utilize the organization resources and understand people, processes and technology.
• Define risk management roles and responsibilities.
• t will help him understand how the security strategies and controls are implemented.
• Also understand the effectiveness of controls.
• This course will further enhance his skills to identify, analyze, manage and respond to Incidents.
• Develop an Incident Response Plan with understanding of Business Continuity and Disaster Recovery.
• Also prepare Learner to understand what is Business Impact Analysis and Gap Analysis.

Information Security Governance

• Affirms the expertise to establish and/or maintain an information security governance framework to ensure that the information security strategy is aligned with organizational goals and objectives.
• Domain 1 confirms your ability to develop and oversee an information security governance framework to guide activities that support the information security strategy.
• Managing Information Risk—proficiency
• In this key realm denotes advanced ability to manage information risk to an acceptable level, in accordance with organizational risk appetite, while facilitating the attainment of organizational goals and objectives.
• Domain 2 demonstrates expertise in classifying information assets to ensure measures taken to protect those assets are proportional to their business value.

 
Developing and Managing an Information Security Program

• Establishes ability to develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning with business goals.
• Domain 3 attests to ability to ensure the information security program adds value while supporting operational objectives of other business functions.

 
Information Security Incident Management

• Validates capacity to plan, establish and manage detection, investigation, response and recovery from information security incidents in order to minimize business impact.
• Domain 4 establishes your skills in accurately classifying and categorizing information security incidents and developing plans to ensure timely and effective response.

  Updated on 20 July, 2020