Our classes are always live and instructor led from our Exton, PA or EPIC Partner locations. Springhouse AnywhereLive options require Internet Access. Select classes are Guaranteed to Run (GTR). View our complete schedule policies.
Overview
Obtaining an ISACA CISM certification provides executive management with assurance that those earning the certification have the required experience and knowledge to provide effective security management and consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a unique and respected credential. The CISM training program will assist you in becoming part of that elite network, as we'll teach you all the knowledge and skills needed to earn the certification.
Intended Audience
Experienced information security managers and those who have information security management responsibilities, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers.
At Completion
Have an in-depth understanding of the four domains required to pass the CISM exam:
- Information Security Governance
- Information Risk Management and Compliance
- Information Security Program Development and Management
- Information Security Incident Management
Prerequisites
Five years of experience with audit, IT systems, and security of information systems; systems administration experience; familiarity with TCP/IP; and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in the Security+ Prep Course.
Exams & Certifications
Materials
Participants receive a Study Guide to help them prepare for the CISM exam. The Study Guide contains a presentation, a case study, and 20 quiz questions for each domain in the official CISM Review Manual 14 Edition. The Study Guide contains additional material such as suggested study approach, exam taking tips, list of "must know" vocabulary terms, and other suggested readings to aid participants in their exam preparation.
Course Outline
Module 1: Testing-Taking Tips and Study Techniques
- Preparation for the CISM exam
- Submitting Required Paperwork
- Resources and Study Aids
- Passing the Exam the First Time
Module 2: Information Security Governance
- Asset Identification
- Risk Assessment
- Vulnerability Assessments
- Asset Management
Module 3: Information Risk Management
- Asset Classification and Ownership
- Structured Information Risk Assessment Process
- Business Impact Assessments
- Change Management
Module 4: Information Security Program Development
- Information Security Strategy
- Program Alignment of Other Assurance Functions
- Development of Information Security Architectures
- Security Awareness, Training, and Education
- Communication and Maintenance of Standards, Procedures, and Other Documentation
- Change Control
- Lifecycle Activities
- Security Metrics
Module 5: Information Security Program Management
- Security Program Management Overview
- Planning
- Security Baselines
- Business Processes
- Security Program Infrastructure
- Lifecycle Methodologies
- Security Impact on Users
- Accountability
- Security Metrics
- Managing Resources
Module 6: Incident Management and Response
- Response Management Overview
- Importance of Response Management
- Performing a Business Impact Analysis
- Developing Response and Recovery Plans
- The Incident Response Process
- Implementing Response and Recovery Plans
- Response Documentation
- Post-Event Reviews
Module 7: Review and Q&A Session
- Final Review and Test Prep