Welcome to Comnet Group Inc.

Courses

Certified Information Security Manager (CISM®)

Course number: CGICISM40

The CISM certification program was developed by ISACA for experienced information security management professionals who have experience developing and managing information security programs, and who understand the program’s relationship to the overall business goals. The CISM exam consists of 150 multiple-choice questions that cover the four CISM domains. The American National Standards Institute (ANSI) has accredited the CISM certification program under ISO/IEC 17024:2003, General Requirements for Bodies Operating Certification Systems of Persons.

This course supports a certification that is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.

What You’ll Learn

In-depth coverage of the four domains required to pass the CISM exam:

  • Information Security Governance
  • Information Risk Management and Compliance
  • Information Security Program Development and Management
  • Information Security Incident Management

Requirements for CISM Certification:

Five years of experience in information security within the last decade, with three years of management experience in three or more of the following core areas:

  • Information security management
  • Information risk management and compliance
  • Information security program development and management
  • Information security incident management
Target Audience

Information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification.

Certification

CISM by ISACA

Exam

CISM Exam

Accreditation

Post class completion, students can appear for the CISM exam.

Course Outline
Domain 1: Information Security Governance
  • Enterprise Governance Overview
  • Organizational Culture, Structures, Roles and Responsibilities
  • Legal, Regulatory and Contractual Requirements
  • Information Security Strategy
  • Information Governance Frameworks and Standards
  • Strategic Planning
Domain 2: Information Risk Management
  • Risk and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Assessment, Evaluation and Analysis
  • Information Risk Response
  • Risk Monitoring, Reporting and Communication
Domain 3: Information Security Program Development & Management
  • IS Program Development and Resources
  • IS Standards and Frameworks
  • Defining an IS Program Road Map
  • IS Program Metrics
  • IS Program Management
  • IS Awareness and Training
  • Integrating the Security Program with IT Operations
  • Program Communications, Reporting and Performance Management
Domain 4: Information Security Incident Management
  • Incident Management and Incident Response Overview
  • Incident Management and Response Plans
  • Incident Classification/Categorization
  • Incident Management Operations, Tools and Technologies
  • Incident Investigation, Evaluation, Containment and Communication
  • Incident Eradication, Recovery and Review
  • Business Impact and Continuity
  • Disaster Recovery Planning
  • Training, Testing and Evaluation

Available Formats

Live Online
Register
To use reCAPTCHA you must get an API key from https://www.google.com/recaptcha/admin