Certified Information Security Manager (CISM) - ML
Description
This course teaches students about IT governance, information risk management, security program management and development, and incident management and response.
Course Agenda
1
Introduction to the CISM
Topic A: Defining the CISM
What is the CISM Anyway?
The Role of a CISM
Structure of the CISM
After You Pass
Topic B: Course Structure
Domains Covered
Chapter 1 Review
2
IT Governance
Topic A: IT Governance
What is IT Governance?
Objectives of IT Governance
Tasks & Responsibilities for the ISM
Task vs. Knowledge Statements
Requirement One
Requirement Two
Requirement Three
Requirement Four
Requirement Five
Requirement Six
Requirement Seven
Requirement Eight
Topic B: Working with IT Governance
IS Governance
IS Governance
Importance of IS Governance
Outcomes of Security Governance
#1 Strategic Alignment
#2 Risk Management
#3 Value Delivery
#4 Resource Management
#5 Performance Measurement
#6 Integration
Effective Governance
Roles & Responsibilities of Senior Management
IS Manager
Who Does a CISO Report to?
Senior Management Support
Scope & Charter of Security Governance
Principles to Guide Implementation
Security Governance Metrics
Components of Security Metrics
Strategic Alignment
Strategic Alignment Indicators
Topic C: Risk Management
Risk Management
Indicators of Risk Management
Value Delivery
Resource Management
Performance Measurement
Assurance Process Convergence
IS Strategy Objectives
Setting Goals
Info Sec Strategy - Defining Objectives
The Desired State
The Desired State - Approaches
Approaches (Cont.)
Approaches (Cont.)
Risk Objectives
Determining Current State
IS Strategy
Strategy - Resources
Chapter 2 Review
3
Information Risk Management
Topic A: What is Risk Management
Definition
Objectives
Job Tasks & Responsibilities
Requirement One
Requirement Two
Requirement Three
Requirement Four
Requirement Five
Requirement Six
Topic B: Examining Risk Management
Risk Management Overview
Risk Management Overview
Roles & Responsibilities
IS Risk Management Concepts
IS Risk Management Concepts
IS Risk Management Concepts
Technologies
Implementing Risk Management
Implementing Risk Management
Categories of Threats
Risk Management Options
Risk Assessment
Controls & Countermeasures
Resource Valuation Resources
Chapter 3 Review
4
Security Program Management and Development
Topic A: What is a Security Program?
Job Tasks and Responsibilities
Task Statement One
Task Statement Two
Task Statement Three
Task Statement Four
Task Statement Five
Task Statement Six
Task Statement Seven
Task Statement Eight
Task Statement Nine
Task Statement Ten
Task Statement Eleven
Topic B: Developing a Security Program
Security Program Development Overview
Importance of Security Program Development
Outcomes of Security Program Development
Effective Security Program Development
Effective Security Program Development
InfoSec Program Development Technologies
Security Manager
Scope and Charter of Program Development
Assurance Function Integration
Anticipating Challenges (Pitfalls)
Security Program Development Objectives
Defining a Road Map
Developing a Security Program Road Map
Architecture and Design Review
Security Spot Check
Security Program Integration
Topic C: Role of Security Management
IS Management Overview
Importance of Security Management
Outcomes of Security Management
Board of Directors Responsibilities
Executive Management Responsibilities
Steering Committee Responsibilities
Information Technology Unit Responsibilities
Business Unit Managers Responsibilities
Human Resources Responsibilities
Legal Department Responsibilities
Measure Cost-Effectiveness
Chapter 4 Review
5
Incident Management and Response
Topic A: Purpose of Incident Handling
Objective
Job Tasks and Responsibilities
IRT
Requirement One
Requirement Two
Requirement Three
Requirement Four
Requirement Five
Requirement Six
Requirement Seven
Requirement Eight
Requirement Nine
Requirement Ten
Topic B: Components of Incident Management
Importance of Incident Management
Importance of Incident Management
Result of Incident Management
Incident Management Concepts
Technologies
Scope and Charter
Assurance Function Integration
Information Security Manager
Incident Management Metrics
Effective Incident Management
Resource Management
Detailed Plan of Action for Incident Response
Challenges in Developing an IMP
Incident Management Resources
Roles and Responsibilities
Roles and Responsibilities (cont.)
Roles and Responsibilities (cont.)
IRT Team - Skills Needed
Awareness and Education
Audits
BIA
Outsourced Security Providers
Current State of Incident Response Capability
Developing an IRP
Chapter 5 Review

