CISM Certified Information Security Manager Overview
Certified Information Security Manager (CISM) Training Course Outline
Domain 1: Information Security Governance
Module 1: Introduction to Information Security Governance
- About Information Security Governance
- Reason for Security Governance
- Security Governance Activities and Results
- Risk Appetite
- Organization Culture
Module 2: Legal, Regulatory and Contractual Requirements
- Introduction
- Requirements for Content and Retention of Business Records
Module 3: Organizational Structures, Roles and Responsibilities
- Roles and Responsibilities
- Monitoring Responsibilities
- Module 4: Information Security Strategy Development
- Introduction
- Business Goals and Objectives
- Information Security Strategy Objectives
- Ensuring Objective and Business Integration
- Avoiding Common Pitfalls and Bias
- Desired State
- Elements of a Strategy
Module 5: Information Governance Frameworks and Standards
- Security Balanced Scorecard
- Architectural Approaches
- Enterprise Risk Management Framework
- Information Security Management Frameworks and Models
Module 6: Strategic Planning
- Workforce Composition and Skills
- Assurance Provisions
- Risk Assessment and Management
- Action Plan to Implement Strategy
- Information Security Program Objectives
Domain 2: Information Security Risk Management
Module 7: Emerging Risk and Threat Landscape
- Risk Identification
- Threats
- Defining a Risk Management Framework
- Emerging Threats
- Risk, Likelihood and Impact
- Risk Register
Module 8: Vulnerability and Control Deficiency Analysis
- Introduction
- Security Control Baselines
- Events Affecting Security Baselines
Module 9: Risk Assessment and Analysis
- Introduction
- Determining the Risk Management Context
- Operational Risk Management
- Risk Management Integration with IT Life Cycle Management Processes
- Risk Scenarios
- Risk Assessment Process
- Risk Assessment and Analysis Methodologies
- Other Risk Assessment Approaches
- Risk Analysis
- Risk Evaluation
- Risk Ranking
Module 10: Risk Treatment or Risk Response Options
- Risk Treatment/Risk Response Options
- Determining Risk Capacity and Acceptable Risk
- (Risk Appetite)
- Risk Response Options
- Risk Acceptance Framework
- Inherent and Residual Risk
- Impact
- Controls
- Legal and Regulatory Requirements
- Costs and Benefits
Module 11: Risk and Control Ownership
- Risk Ownership and Accountability
- Risk Owner
- Control Owner
Module 12: Risk Monitoring and Reporting
- Risk Monitoring
- Key Risk Indicators
- Reporting Changes in Risk
- Risk Communication, Awareness and Consulting
- Documentation
Domain 3: Information Security Program Development and Management
Module 13: Information Security Program Resources
- Introduction
- Information Security Program Objectives
- Information Security Program Concepts
- Common Information Security Program Challenges
- Common Information Security Program Constraints
Module 14: Information Asset Identification and Classification
- Information Asset Identification and Valuation
- Information Asset Valuation Strategies
- Information Asset Classification
- Methods to Determine Criticality of Assets and Impact of Adverse Events
Module 15: Industry Standards and Frameworks for Information Security
- Enterprise Information Security Architectures
- Information Security Management Frameworks
- Information Security Frameworks Components
Module 16: Information Security Policies, Procedures, and Guidelines
- Policies
- Standards
- Procedures
- Guidelines
Module 17: Information Security Program Metrics
- Introduction
- Effective Security Metrics
- Security Program Metrics and Monitoring
- Metrics Tailored to Enterprise Needs
Module 18: Information Security Control Design and Selection
- Introduction
- Managing Risk Through Controls
- Controls and Countermeasures
- Control Categories
- Control Design Considerations
- Control Methods
Module 19: Security Program Management
- Risk Management
- Risk Management Program
- Risk Treatment
- Audit and Reviews
- Third-Party Risk Management
Module 20: Security Program Operations
- Event Monitoring
- Vulnerability Management
- Security Engineering and Development
- Network Protection
- Endpoint Protection and Management
- Identity and Access Management
- Security Incident Management
- Security Awareness Training
- Managed Security Service Providers
- Data Security
- Cryptography
- Symmetric Key Algorithms
Module 21: IT Service Management
- Service Desk
- Incident Management
- Problem Management
- Change Management
- Configuration Management
- Release Management
- Service Levels Management
- Financial Management
- Capacity Management
- Service Continuity Management
- Availability Management
- Asset Management
Module 22: Controls
- Internal Control Objectives
- Information Systems Control Objectives
- General Computing Controls
- Control Frameworks
- Controls Development
- Control Assessment
Module 23: Metrics and Monitoring
- Types of Metrics
- Audiences
- Continuous Improvement
Domain 4: Information Security Incident Management
Module 24: Security Incident Response Overview
- Phases of Incident Response
Module 25: Incident Response Plan Development
- Objectives
- Maturity
- Resources
- Roles and Responsibilities
- Gap Analysis
- Plan Development
Module 26: Responding to Security Incidents
- Detection
- Initiation
- Evaluation
- Recovery
- Remediation
- Closure
- Post-Incident Review
Module 27: Business Continuity and Disaster Recovery Planning
- Business Continuity Planning
- Disaster
- Disaster Recovery Planning
- Testing BC and DR Planning
Who should attend this CISM Certified Information Security Manager Training Course?
The CISM Course in the United States is a globally recognized certification focusing on developing a professional’s expertise in managing Information Security systems and practices. This course can be beneficial for professionals, including:
- Information Security Managers
- Internal Auditors
- Risk Management Specialists
- Compliance Officers
- Security Analysts
- IT Consultants
- Data Protection Officers
Prerequisites of the CISM Certified Information Security Manager Training Course
There are no formal prerequisites for this CISM Certified Information Systems Manager Course. However, a basic understanding of Information Security and experience in job roles related to it can be beneficial for delegates.
Certified Information Security Manager Training Course Overview
The Certified Information Security Manager (CISM) Training in the United States equips professionals with the skills and knowledge to safeguard valuable information assets. It is a highly relevant and crucial discipline in a technology-driven landscape. Certified Information Security Manager, offered by ISACA, is a globally recognized certification that ensures individuals are well-versed in managing and governing an organization's information security.
Acquiring the CISM Certification in the United States is vital as it empowers professionals to navigate the complex landscape of Information Security, ensuring the confidentiality, integrity, and availability of data. IT and Cybersecurity Experts, Risk Managers, Compliance Officers, and those aspiring to lead and manage information security teams should aim to master Certified Information Security Manager.
This intensive 4-day Certified Information Security Manager Training by The Knowledge Academy in the United States gives delegates a comprehensive understanding of Information Security Management. Delegates will gain expertise in risk management, governance, incident response, and security development. Through real-world case studies and practical exercises, delegates will learn how to apply their knowledge effectively, making them invaluable assets to their organizations.
Course Objectives:
- To understand the core principles of Information Security governance
- To learn to develop and manage an Information Security aligned with business objectives
- To master risk management processes to safeguard an organization's assets
- To acquire skills for incident response and recovery
- To gain the ability to establish and maintain Information Security policies and procedures
- To develop the competence to align Information Security with regulatory and compliance requirements
- To learn how to manage and govern Information Security teams effectively
- To prepare for the CISM exam and enhance their career prospects
After completing this training and passing the certification exam in the United States, delegates will be recognized as Certified Information Security Managers. This globally respected certification demonstrates their expertise in Information Security management and opens up numerous career opportunities.
What’s included in this CISM Certified Information Security Manager Training Course?
- World-Class Training Sessions from Experienced Instructors
- CISM Certificate
- Digital Delegate Pack
Why choose us
Ways to take this course
Experience live, interactive learning from home with The Knowledge Academy's Online Instructor-led CISM Certified Information Security Manager. Engage directly with expert instructors, mirroring the classroom schedule for a comprehensive learning journey. Enjoy the convenience of virtual learning without compromising on the quality of interaction.
Unlock your potential with The Knowledge Academy's CISM Certified Information Security Manager, accessible anytime, anywhere on any device. Enjoy 90 days of online course access, extendable upon request, and benefit from the support of our expert trainers. Elevate your skills at your own pace with our Online Self-paced sessions.
What our customers are saying
Timothy is very knowlegeable and was able to answer all of my questions.
Edward King
He was clear and concise in explaining concepts. He was patient with participants
Oluwaseun Oridota
Trevor was incredibly knowledgable and able to use relevant examples to bring the course material to life. This helped with understanding the requirements.
Andrew Hedley
CISM Certified Information Security Manager FAQs
CISM Training is a comprehensive course designed to equip professionals with the knowledge and skills needed to excel in information security management. It covers critical aspects of cybersecurity governance, risk management, and program development.
The CISM Training Course is suitable for IT professionals, security managers, and individuals aspiring to lead and manage information security teams. It caters to those seeking to enhance their expertise in cybersecurity governance and risk management.
In this CISM Course, delegates will have a 4-day training with our experienced instructors, a digital delegate pack consisting of important notes related to this course, and a certificate after course completion.
There are no formal prerequisites for this CISM Certified Information Systems Manager Course.
No, the exam is not included. Delegates need to book their exam through the ISACA website.
Delegates in the Certified Information Security Manager course gain a globally recognized certification, validating their proficiency in information security management. The course enhances career prospects, providing the skills needed to protect organizations from evolving cyber threats.
The Certified Information Security Manager Certification covers key domains including Information Security Governance, Risk Management, Information Security Program Development, Information Security Incident Management, ensuring a holistic understanding of information security principles and practices.
A Certified Information Security Manager monitors all operations and infrastructure, maintain all security tools and technology, monitor internal and external policy compliance, monitor regulation compliance, ensure cybersecurity stays on the organizational radar, etc., are the main roles and responsibilities of the information security manager.
During the CISM (Certified Information Security Manager) Training course, you will learn various essential topics such as disaster recovery planning, risk assessment and analysis, plan development, maturity, types of metrics, incident management tools and technologies configuration management, capacity management, business alignment, and many more.
CISM Course cultivates advanced skills in cybersecurity governance, risk management, and information security program development. Delegates acquire expertise in establishing and managing robust security frameworks, enhancing their ability to lead and protect organizations against evolving cyber threats.
The Knowledge Academy is a coveted training provider which offers multiple courses, comprehensive course content, experienced instructors, flexible learning options, and industry recognition, making it a reliable choice for attending this training course.
The training fees for CISM Certified Information Security Manager certification in the United States starts from $2895
The Knowledge Academy is the Leading global training provider for CISM Certified Information Security Manager.
Please see our CISM Training courses available in the United States
Why choose us
Best price in the industry
You won't find better value in the marketplace. If you do find a lower price, we will beat it.
Many delivery methods
Flexible delivery methods are available depending on your learning style.
High quality resources
Resources are included for a comprehensive learning experience.
"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"
Joshua Davies, Thames Water
Related courses
CISM Certified Information Security Manager in United States
Washington D.C.
AtlantaNew YorkHoustonDallasDenverSeattleLos AngelesChicagoSan FranciscoPhiladelphiaSan DiegoPhoenixBostonAustinDetroitSan JoseTampaColorado SpringsPortlandSacramentoMinneapolisSan AntonioIrvineLas VegasMiamiBellevuePittsburghBaltimoreFairfaxOrlandoRaleighSalt Lake CityColumbusOklahoma CityNashvilleCharlestonColumbiaClevelandCincinnatiMemphisRichmondVirginia BeachLouisvilleFort LauderdaleIndianapolisDes MoinesGrand RapidsNew OrleansWichitaCharlotteHartfordNew JerseyAnchorageOmahaHonoluluAlbuquerqueBaton RougeIowa CityAlbany, NYBoiseMilwaukeeTucsonKansas CitySt LouisJacksonville
AtlantaNew YorkHoustonDallasDenverSeattleLos AngelesChicagoSan FranciscoPhiladelphiaSan DiegoPhoenixBostonAustinDetroitSan JoseTampaColorado SpringsPortlandSacramentoMinneapolisSan AntonioIrvineLas VegasMiamiBellevuePittsburghBaltimoreFairfaxOrlandoRaleighSalt Lake CityColumbusOklahoma CityNashvilleCharlestonColumbiaClevelandCincinnatiMemphisRichmondVirginia BeachLouisvilleFort LauderdaleIndianapolisDes MoinesGrand RapidsNew OrleansWichitaCharlotteHartfordNew JerseyAnchorageOmahaHonoluluAlbuquerqueBaton RougeIowa CityAlbany, NYBoiseMilwaukeeTucsonKansas CitySt LouisJacksonville 
Back to course information
Security Certification
Save upto 25%Included courses:
CISA Certified Information Systems Auditor$2895
CISM Certified Information Security Manager$2895
CISSP Certification$4695
Total without package: $13680
Package price: $10295 (Save $3385)
Information Security Bundle
Save upto 40%Total without package: $10785
Package price: $6495 (Save $4290)
Limited budget?
To help and support our clients we are providing a limited number of 250 daily discount codes. Hurry, first come, first served!
If you miss out, enquire to get yourself on the waiting list for the next day!
If you wish to make any changes to your course, please
