Certified Information Security Manager (CISM®) Certification
Overview

You will establish processes to ensure that information security measures align with established business needs.

Target Student:

This course is intended for information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, as well as other individuals who want to learn more about information security, want in-depth knowledge of information security management, are looking for career advancement in IT security, or are interested in earning the CISM certification.

Prerequisites

To ensure your success, we recommend that students taking this course have professional experience in information security in at least one of the following areas:
  • Information security governance
  • Information risk management
  • Information security program development
  • Information security program management
  • Incident management and response

Course-specific Technical Requirements

Hardware

This course is designed so that it can be run without computer hardware or software for students. If the instructor wants to use the overheads provided on the course CD-ROM, the following hardware will be required.
  • A Pentium® III with 500 MHz (or better), or Macintosh® Intel-based or PowerPC G4 (or better) processor.
  • At least 512 MB of RAM.
  • A monitor capable of 1024 x 768 screen resolution and 32-bit color display.
  • A projection system to display the overheads to the students.
Software

Each computer requires the following software:
  • Microsoft® Windows Vista®, Windows® XP (Professional or Home Edition), Windows 2000, or Apple® Mac OS® X 10.4 (or higher).
Course Objectives

Upon successful completion of this course, students will be able to:
  • establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.
  • identify and manage information security risks to achieve business objectives.
  • create a program to implement the information security strategy.
  • implement an information security program.
  • oversee and direct information security activities to execute the information security program.
  • plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents.
Course duration

5 Days

Course outline

Lesson 1: Information Security Governance
  • Topic 1A: Develop an Information Security Strategy
  • Topic 1B: Align Information Security Strategy with Corporate Governance
  • Topic 1C: Identify Legal and Regulatory Requirements
  • Topic 1D: Justify Investment in Information Security
  • Topic 1E: Identify Drivers Affecting the Organization
  • Topic 1F: Obtain Senior Management Commitment to Information Security
  • Topic 1G: Define Roles and Responsibilities for Information Security
  • Topic 1H: Establish Reporting and Communication Channels
Lesson 2: Information Risk Management
  • Topic 2A: Implement an Information Risk Assessment Process
  • Topic 2B: Determine Information Asset Classification and Ownership
  • Topic 2C: Conduct Ongoing Threat and Vulnerability Evaluations
  • Topic 2D: Conduct Periodic BIAs
  • Topic 2E: Identify and Evaluate Risk Mitigation Strategies
  • Topic 2F: Integrate Risk Management into Business Life Cycle Processes
  • Topic 2G: Report Changes in Information Risk
Lesson 3: Information Security Program Development
  • Topic 3A: Develop Plans to Implement an Information Security Strategy
  • Topic 3B: Security Technologies and Controls
  • Topic 3C: Specify Information Security Program Activities
  • Topic 3D: Coordinate Information Security Programs with Business Assurance Functions
  • Topic 3E: Identify Resources Needed for Information Security Program Implementation
  • Topic 3F: Develop Information Security Architectures
  • Topic 3G: Develop Information Security Policies
  • Topic 3H: Develop Information Security Awareness, Training, and Education Programs
  • Topic 3I: Develop Supporting Documentation for Information Security Policies
Lesson 4: Information Security Program Implementation
  • Topic 4A: Integrate Information Security Requirements into Organizational Processes
  • Topic 4B: Integrate Information Security Controls into Contracts
  • Topic 4C: Create Information Security Program Evaluation Metrics
Lesson 5: Information Security Program Management
  • Topic 5A: Manage Information Security Program Resources
  • Topic 5B: Enforce Policy and Standards Compliance
  • Topic 5C: Enforce Contractual Information Security Controls
  • Topic 5D: Enforce Information Security During Systems Development
  • Topic 5E: Maintain Information Security Within an Organization
  • Topic 5F: Provide Information Security Advice and Guidance
  • Topic 5G: Provide Information Security Awareness and Training
  • Topic 5H: Analyze the Effectiveness of Information Security Controls
  • Topic 5I: Resolve Noncompliance Issues
Lesson 6: Incident Management and Response
  • Topic 6A: Develop an Information Security Incident Response Plan
  • Topic 6B: Establish an Escalation Process
  • Topic 6C: Develop a Communication Process
  • Topic 6D: Integrate an IRP
  • Topic 6E: Develop IRTs
  • Topic 6F: Test an IRP
  • Topic 6G: Manage Responses to Information Security Incidents
  • Topic 6H: Perform an Information Security Incident Investigation
  • Topic 6I: Conduct Post-Incident Reviews
Appendix A: ISACA® CISM® Certification Process

    Please contact your training representative for more details on having this course delivered onsite or online
