CISM - Solomon People Solutions

Certified Information Security Manager (CISM) Training

The Certified Information Security Manager (CISM) training is designed to prepare individuals for the CISM certification exam, which is recognized globally for its focus on information security management. This training equips participants with the knowledge and skills required to manage and oversee an organization’s information security program effectively. The course covers best practices, standards, and frameworks for information security management.

Certified Information Security Manager (CISM)® is a widely recognized IT Security certification for professionals across industry sectors globally. The CISM certification course is developed by ISACA and is ideal for anybody looking to pursue a career in the IT Security and Governance domain. This 5-day Certified Information Security Manager (CISM) certification course validates your knowledge and skill in risk management, information security, incident management, and more.

Job roles that can take up CISM training include, but are not limited to:

  • IT Managers
  • Security Consultants
  • Security Auditors
  • System Security Architects
  • Auditing Professionals
  • Security Managers
  • Chief Compliance Officers
  • Information Security Managers
  • ISO Professionals
  • Information Security/IT consultants
  • Security Analysts
  • Anybody who wants to gain knowledge of CISM concepts in an enterprise setting
  • Anybody who is looking to pursue a career in the information security domain
  • Anybody who is looking to clear the CISM certification exam

Pre-Requisites

  • Candidates who wish to take the Certified Information Security Manager (CISM) certification exam should have a minimum of 5 years of work experience in 3 or more domains of information security management.
  • A 2-year waiver against the required 5 years of experience is available for holders of any of the following:
    • Certified Information Systems Auditor
    • Certified Information Systems Security Professional
    • A postgraduate degree in Information Security or a related field
  • A 1-year waiver against the required 5 years of experience is available for any of the following:
    • 1 year of work experience in the Information Systems management domain
    • 1 year of work experience in the IT Security domain
    • Specialized certifications such as Microsoft Certified Systems Engineer and CBCP, among others

Exam Information

Exam Name: Certified Information Security Manager (CISM)
CISM Exam Cost: USD 575 for ISACA members, USD 760 for non-members
Exam Format: Multiple choice
Total Questions: 150 questions
Passing Score: 400 out of 800
Exam Duration: 4 hours (240 minutes)
Languages: English, German, Italian, French, Japanese, Korean, Chinese (Simplified), Chinese (Traditional), Turkish, and Spanish
Testing Center: ISACA (PSI)
Course Duration: 32 hours

Course Syllabus

PART A: ENTERPRISE GOVERNANCE

  • Importance of Information Security Governance
  • Organizational Culture
  • Legal, Regulatory, and Contractual Requirements
  • Organizational Structures, Roles and Responsibilities

PART B: INFORMATION SECURITY STRATEGY

  • Information Security Strategy Development
  • Information Governance Frameworks and Standards
  • Strategic Planning

PART A: INFORMATION RISK ASSESSMENT

  • Risk and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Analysis, Evaluation, and Assessment

PART B: INFORMATION RISK RESPONSE

  • Risk Treatment/Risk Response Options
  • Risk and Control Ownership
  • Risk Monitoring and Reporting

PART A: INFORMATION SECURITY PROGRAM DEVELOPMENT

  • Information Security Program Overview
  • Information Security Program Resources
  • Information Asset Identification and Classification
  • Industry Standards and Frameworks for Information Security
  • Information Security Policies, Procedures and Guidelines
  • Defining an Information Security Program Road Map
  • Information Security Program Metrics

PART B: INFORMATION SECURITY PROGRAM MANAGEMENT

  • Information Security Control Design and Selection
  • Information Security Control Implementation and Integration
  • Information Security Control Testing and Evaluation
  • Information Security Awareness and Training
  • Integration of the Security Program with IT Operations
  • Management of External Services and Relationships
  • Information Security Program Communications and Reporting

PART A: INCIDENT MANAGEMENT READINESS

  • Incident Management and Incident Response Overview
  • Incident Management and Incident Response Plans
  • Business Impact Analysis
  • Business Continuity Plan
  • Disaster Recovery Plan
  • Incident Classification/Categorization
  • Incident Management Training, Testing and Evaluation

PART B: INCIDENT MANAGEMENT OPERATIONS

  • Incident Management Tools and Technologies
  • Incident Investigation and Evaluation
  • Incident Containment Methods
  • Incident Response Communications
  • Incident Eradication and Recovery
  • Post-Incident Review Practices

Participants who take part in the Certified Information Security Manager (CISM) training will learn:

  • Identifying, managing, and responding to security incidents
  • Creating an incident response plan that supports business continuity, and creating disaster recovery strategies
  • Performing business impact analysis and gap analysis in IT security management
  • Creating robust IT security plans grounded in a proper understanding of the enterprise and the industry it belongs to
  • Understanding how an enterprise's IT security plans align with its business objectives and goals

Upcoming Schedule:

Please contact us to know about the upcoming schedule.