Certified Information Security Manager (CISM) Official Course

This event is primarily for ISACA Ireland and ISACA UK Chapter Members only.

The courses is offered with two pricing options.

Barebones - This is the full course delivered by webinar.

The printed materials will be posted out in advance.

All - In In addition to the Barebones, this includes the Exam voucher (Remote Proctoring) Study Manual (Electronic or Hard Copy) and the CISM Review Questions, and the Answers & Explanations (QAE) Database (one year subscription)

Schedule:

Tuesday 26th November 2024 09:00 to 17:00 Zoom Webinar

Wednesday 27th Tuesday 2024 09:00 to 17:00 Zoom Webinar

Tuesday 3rd December 2024 09:00 to 17:00 Zoom Webinar

Wednesday 4th December 2024 09:00 to 17:00 Zoom Webinar

The sessions will not be recorded.

The Cut-off date for registration is listed with the relevant tickets. If there are insufficent attendees to make the course viable it will be cancelled and refunds issued or invoices withdrawn.

Prerequisites. None to sit the CISM Exam. However, you will need to demonstrate a minimum of 5-years of professional information security management work experience - as described in the CISM job practice areas. The work experience for CISM certification must be gained within the 10-year period preceding the application date for certification. Candidates have 5-years from the passing date to apply for certification.

Substitutions and waivers may be obtained for a maximum of 2-years to reduce the 5-years of professional information security management work experience

Course Outline

ISACA’s Certified Information Security Manager (CISM) certification is for those with technical expertise and experience in IS/IT security and control and wants to make the move from team player to manager. CISM can add credibility and confidence to your interactions with internal and external stakeholders, peers and regulators.

The course covers all four domians of the CISM Syllabus.

Domain 1 Information Security Governance (17%)

• Enterprise Governance Overview

• Organizational Culture, Structures, Roles and Responsibilities

• Legal, Regulatory and Contractual Requirements

• Information Security Strategy

• Information Governance Frameworks and Standards

• Strategic Planning

Domain 2 – Information Security Risk Management (20%)

• Risk and Threat Landscape

• Vulnerability and Control Deficiency Analysis

• Risk Assessment, Evaluation and Analysis

• Information Risk Response

• Risk Monitoring, Reporting and Communication

Domain 3: Information Security Program Development and Management (33%)

• IS Program Development and Resources

• IS Standards and Frameworks

• Defining an IS Program Road Map

• IS Program Metrics

• IS Program Management

• IS Awareness and Training

• Integrating the Security Program with IT Operations

• Program Communications, Reporting and Performance Management

Domain 4 : Information Security Incident Management (30%)

• Incident Management and Incident Response Overview

• Incident Management and Response Plans

• Incident Classification/Categorization

• Incident Management Operations, Tools and Technologies

• Incident Investigation, Evaluation, Containment and Communication

• Incident Eradication, Recovery and Review

• Business Impact and Continuity

• Disaster Recovery Planning

• Training, Testing and Evaluation

Any queries to - [email protected]

Host or Publisher ISACA Ireland