
Certified Information Security Manager (CISM)

Course Overview

Unlock a new horizon of opportunities with the CISM certification—an exceptional management-focused certification that promotes international security practices. Claim your position as a leader in managing, designing, overseeing, and assessing an enterprise’s information security.

Notably, the CISM certification program holds accreditation from The American National Standards Institute (ANSI) under ISO/IEC 17024:2012, meeting the General Requirements for Bodies Operating Certification Systems of Persons.

Sign up now to validate your skills as a Certified Information Security Manager.

Who Should Attend

The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities, including:

  • Information Security Managers
  • Aspiring Information Security Managers
  • IS/IT Consultants
  • Chief Information Officers

Course Objectives

At the end of this training course, participants will be able to:

  • Establish and/or maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives.
  • Manage information risk to an acceptable level based on risk appetite to meet organizational goals and objectives.
  • Develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning to information security strategy and business goals, thereby supporting an effective security posture.
  • Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.

Course Content

The job practice domains and task and knowledge statements are as follows:

  • Domain 1—Information Security Governance (24%)
  • Domain 2—Information Risk Management (30%)
  • Domain 3—Information Security Program Development and Management (27%)
  • Domain 4—Information Security Incident Management (19%)

Domain 1 – Information Security Governance

  • Explain the need for and the desired outcomes of an effective information security strategy
  • Create an information security strategy aligned with organizational goals and objectives
  • Gain stakeholder support using business cases
  • Identify key roles and responsibilities needed to execute an action plan
  • Establish metrics to measure and monitor the performance of security governance

Domain 2 – Information Risk Management

  • Explain the importance of risk management as a tool to meet business needs and develop a security management program to support these needs
  • Identify, rank, and respond to a risk in a way that is appropriate as defined by organizational directives
  • Assess the appropriateness and effectiveness of information security controls
  • Report information security risk effectively

Domain 3 – Information Security Program Development and Management

  • Align information security program requirements with those of other business functions.
  • Manage the information security program resources.
  • Design and implement information security controls.
  • Incorporate information security requirements into contracts, agreements and third-party management processes

Domain 4 – Information Security Incident Management

  • Understand the concepts and practices of Incident Management
  • Identify the components of an Incident Response Plan and evaluate its effectiveness
  • Understand the key concepts of Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
  • Be familiar with techniques commonly used to test incident response capabilities

Course Code: DU0402
Location: Dubai, UAE
Duration: 5 Days
Language: English
Cost: 15,770 SAR