CISM - Certified Information Security Manager

CISM (Certified Information Security Manager) is a key certification for information security professionals who manage, design, oversee, and assess enterprise information security. This CISM certification course, closely aligned with ISACA's best practices, helps you learn about IT security systems.

Course Overview
Course Content
Exam & Certification
FAQs

About the course

You will acquire the requisite skills to design, deploy, and manage security architecture for your organization with this CISM certification training from Simplilearn. This course is aligned with ISACA best practices. Today, enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification.

Eligibility

CISM certification is a globally recognized professional requirement in the IT Security domain. This certification is best suited for security consultants and managers, IT directors and managers, security auditors and architects, security system engineers, CISOs, information security managers, IT consultants, and risk officers.

Pre-requisites

Learners need to possess an undergraduate degree or a high school diploma. A completed application submitted within five years from the date of initially passing the examination (you must ensure that all experience is independently verified by employers). The experience must have been gained within the 10-year period preceding the application date for certification or within five years of passing the examination. Three of the five years of work experience must be gained in the role of an information security manager (it must be broad and gained in three of the four CISM domains).

Skills Covered

Information Security Governance
Information Security Incident Management
Design security architecture
Knowledge of ISACA domains
Information security programs
Enterprise IT frameworks

Course Content

Certified Information Security Manager (CISM®)

Lesson 01: Course Introduction
- 1.01 Welcome to Certified Information Security Manager Course
- 1.02 Certification Overview
- 1.03 Skills Covered
Lesson 02: Information Security Governance: Enterprise Governance
- 2.01 Organizational Culture
- 2.02 Governance vs. Management
- 2.03 Legal Regulatory and Contractual Requirements
- 2.04 Data Security Frameworks
- 2.05 Data States
- 2.06 Organizational Structures Roles and Responsibilities
Lesson 03: Information Security Governance: Information Security Strategy
- 3.01 Information Security Strategy Development
- 3.02 Information Governance Frameworks and Standards
- 3.03 Strategic Planning
- 3.04 SWOT Analysis
- 3.05 Opex and Capex
- 3.06 KGI's KPI's and KRI's
- 3.07 CIA Triad
- 3.08 Designing security into software
- 3.09 US Data Privacy Laws
- 3.10 GDPR
Lesson 04: Information Security Risk Management Information Security: Risk Assessment
- 4.01 Emerging Risk and Threat Landscape
- 4.02 Risk Identification
- 4.03 Risk Management
- 4.04 Vulnerability and Control Deficiency Analysis
- 4.05 Risk Assessment and Analysis
- 4.06 COBIT
- 4.07 Attackers and Phishing
- 4.08 ISO 27001
Lesson 05: Information Security Risk Management Information Security: Risk Response
- 5.01 Risk Treatment and Response
- 5.02 Risk and Control Ownership
- 5.03 Risk Monitoring and Reporting
Lesson 06: Information Security Program Information Security: Program Development
- 5.01 Risk Treatment and Response
- 6.01 Information Security Program Resources
- 6.02 Information Asset Identification and Classification
- 6.03 Information Security Policies Procedures and Guidelines
- 6.04 Information Security Program Metrics
Lesson 07: Information Security Program Information Security: Program Management
- 7.01 Information Security Control Design and Selection
- 7.02 Information Security Control Implementation and Integrations
- 7.03 Information Security Control Testing and Evaluation
- 7.04 Information Security Awareness and Training
- 7.05 Management of External Services
- 7.06 Information Security Program Communications and Reporting
- 7.07 Introduction to Access Control
- 7.08 Authentication and Authorization
- 7.09 Introduction to Cryptography
- 7.10 Overview of Encryption
- 7.11 Hashing
- 7.12 Social Engineering Attacks
Lesson 08: Incident Management: Incident Management Readiness
- 8.01 Incident Management Plan
- 8.02 Business Impact Analysis (BIA)
- 8.03 Business Continuity Plan (BCP)
- 8.04 Disaster Recovery Plan (DRP)
- 8.05 Incident Classification and Categorization
- 8.06 Incident Management Training and Testing
Lesson 09: Incident Management: Incident Management Operations
- 9.01 Incident Management Tools and Techniques
- 9.02 Incident Containment Methods
- 9.03 Incident Response Communications
- 9.04 Incident Eradication and Recovery
- 9.05 Post incident Review Practices

How do you become a CISM certified professional?

To become CISM certified, you must meet the following requirements:

Successful completion of the CISM examination
Adherence to the ISACA Code of Professional Ethics
Agree to comply with the Continuing Education Policy
Five years of work experience in the field of information security, three of which must be as an information security manager. Work experience must be gained in three of the four CISM domains. All information must be verified independently by employers.
Submit an application for CISM certification Training within five years from the date of initially passing the exam

FAQs

How do I enroll in this online training?
You can enroll in this training on our website and make an online payment using any of the following option
- Visa Credit or Debit Card
- MasterCard
- American Express
- Diners Club
- PayPal
Once payment is received, you will automatically receive a payment receipt and access information via email.

CISM - Certified Information Security Manager