Overview:

The intent of this course is to provide a common body of knowledge for information security management. The CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents.

Duration: 

04 days (32 hours)

Objectives:

-      Use the knowledge gained in a practical manner beneficial to your organisation

-      Establish and maintain an Information security governance framework to achieve your organization goals and objectives

-      Manage Information risk to an acceptable level to meet the business and compliance requirements

-      Establish and maintain information security architectures (people, process, technology)

-      Integrate information security requirements into contracts and activities of third parties/ suppliers

-      Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact

Intended Audience:

-      Security professionals with 3-5 years of front-line experience; Information security managers or those with management responsibilities; Information security staff, information security assurance providers who require an in-depth understanding of information security management including: CISO's, CIO's, CSO's, privacy officers, risk managers, security auditors and compliance personnel, BCP / DR personnel, executive and operational managers responsible for assurance functions.

Prerequisites:

-      There is no set pre requisite for this course. ISACA do require a minimum of five years' professional information security work experience to qualify for full certification. You can take the CISM exam prior to meeting ISACA’s experience requirements, but the CISM qualification is awarded after you meet the experience requirements. However, there is no restriction in getting yourself certified in the early stages of your career and start practicing globally acceptant Information security management practices.

Course outlines:

• Domain 1 - Information Security Governance
• Domain 2 - Information Risk Management and Compliance
• Domain 3 - Information Security Program Development and Management
• Domain 4 - Information Security Incident Management