Certified Information Security Manager - CISM Course
Course Description
Delegates will achieve 2 main objectives:
1) They will have the skills and knowledge of the core competencies required of a world class information security professional whether planning to sit for the examination or not, they will have gained this in a structured learning environment.
2) They will have gained the knowledge required for, and have thoroughly prepared for the certification examination in systematic way.
Course pre-requisites:
Topics covered on the 3 day Certified Information Security Manager - CISM course
Information Security Governance
- Develop information security strategy to align with business strategy and direction
- Obtain senior management commitment and support for information security across the entire enterprise
- Define information security governance roles and responsibilities
- Establish reporting and communication channels regarding information security governance activities
Risk Management
- Develop a systematic, analytical, and continuous risk management process
- Understand and implement risk identification, analysis, and mitigation activities
- Define and prioritize risk mitigation strategies
- Appropriately report changes in risk to the correct levels of management on a periodic and event-driven basis
Information Security Program Management
- Create and maintain plans for implementing a carefully designed information security governance framework
- Develop information security baselines from organizational needs, as well as international standards
- Develop guidelines and procedures for integrating security risk management into business processes
- Develop procedures and guidelines for the IT infrastructure that comply with senior-level information security policies
- Ensure security is effectively incorporated into the organizations established change management processes
- Effectively integrate information security policies, guidelines, procedures, and accountability into the organization’s culture
Legal Issues
- Manage security risk from contracts; transfer risk with contracts
- Understand information security compliance issues resulting from Sarbanes-Oxley
Information Technology Deployment Risks
- Properly align IT strategic planning with organizational strategic planning
- Control risk within software development or acquisition projects
IT Management Risks
- How to position information security management within the organization
- Control IT security risk relating to IT funding
IT Networks and Telecommunications Risks
- Manage risk associated with social engineering, physical infrastructure threats, malicious code, and software vulnerabilities
Integrating Information Security into Business Continuity, Disaster Recovery, and Incident Response
- Develop and implement processes for identifying, detecting, and analyzing security-related events procedures
- Organize, train, and properly equip response teams
Course Classification:
This is an instructor led training course taught in a classroom based environment.
Scheduled course dates
| September 2010 | October 2010 | November 2010 | December 2010 | January 2011 |
| - | - | 22-24 | - | - |
View full schedule of Network Security courses
Print / Download PDF Version of full course schedule
If you would prefer to run this course at your premises as you have several employees to place on the course perhaps, then we are also able to offer onsite Security Training and bespoke Security courses