Certified Information Security Manager (CISM)
- Offered by Skillsoft
Certified Information Security Manager (CISM) at Skillsoft Overview
Duration | 28 hours |
Total fee | ₹17,876 |
Mode of learning | Online |
Difficulty level | Intermediate |
Credential | Certificate |
Future job roles | E-governance |
Certified Information Security Manager (CISM) at Skillsoft Highlights
- Mock tests with unlimited attempts & feedback - Test & study mode
- 400mn+ users & used by Professionals in 70% of Fortune 500 companies
Certified Information Security Manager (CISM) at Skillsoft Course details
- IT Security Professionals
- Security Managers
- System Administrators
- IT professionals who want to get certified and move to a security profile
- Unlimited Access to Online Content for six months
- Course Completion certificate - renowned globally
- 400mn+ users, World's No 1 & trained 70% of Fortune 500 companies
- Career boost for students and professionals
- Content aligned with Information Systems Audit and Control Association (ISACA)
- Unlimited mock test attempts
- Certified Information Security Manager (CISM) is a certification for information security managers awarded by ISACA, an international professional association focused on IT Governance. This CISM course has been designed specifically to offer candidates the best-in-the-industry training to play the role of an information security manager
- Aimed at providing the requisite learning path for those preparing for the CISM certification, the course offers high-quality online learning content and study materials
- The course covers a wide range of topics related to information security like security governance, risk management, compliance, program development and management, and incident management
- Providing a career boost, the course follows the 2015 ISACA Candidate Information Guide and candidates will get a course completion certificate
Certified Information Security Manager (CISM) at Skillsoft Curriculum
CISM: Information Security Governance (Part 1)
identify the tasks within the information security governance job practice area
recognize the outcomes of information security governance
recognize the difference between corporate governance and information security governance
match senior management roles with their corresponding responsibilities related to information security governance
identify the elements of the information security business model
recognize the interconnections between the elements of the information security business model
recognize key concepts related to information security governance
identify the optimal reporting relationship between senior management and the information security manager
label examples of reports about information security according to their intended recipients within an organization
identify the goal of converging security-related functions
identify categories of key goal indicators
recognize key concepts related to information security management
CISM: Information Security Governance (Part 2)
match the key participants in developing an information security strategy with their corresponding responsibilities
recognize appropriate models for developing an information security strategy
label examples of pitfalls that organizations may encounter as they develop an information security strategy
assess the effectiveness of a given management team's efforts to develop an information security strategy
recognize questions that an information strategy should answer
recognize two types of objectives an information security strategy should have
identify the key elements of a business case for an information security program
recognize key concepts related to approaches for determining the desired state of security
identify the aspects of security that must be assessed when determining the current state
identify the components of a roadmap for achieving security objectives
match constraints that must be considered when developing an information security strategy to their corresponding descriptions
assess the efforts of a given management team to create a roadmap for its information security strategy
CISM: Information Security Governance (Part 3)
match organizational resources with descriptions of how they are used in developing an information security strategy
distinguish between policies, standards, procedures, and guidelines
match employee-related resources with descriptions of how they impact development of an information security strategy
identify risk-related resources that become part of an information security strategy
match strategies for addressing risk to corresponding examples
recognize key concepts related to information security strategy resources
match the components of an information security action plan with their corresponding roles within the strategy
identify types of metrics used to monitor progress toward achieving information security objectives
match indicators that security objectives have been met with their corresponding descriptions
recognize the key facts about the components of an information security strategy
CISM: Information Risk Management and Compliance (Part 1)
identify the tasks within the information risk management job practice area
identify the outcomes of risk management
sequence the steps in planning a risk management program
recognize the qualities of a good risk management plan
match roles in risk management program development with their corresponding responsibilities
recognize the steps of the risk management process
distinguish between the concepts of risk management, risk analysis, and risk assessment
recognize activities of the risk management program planning process
associate steps in the risk management process with specific outcomes of an effective risk management program
label examples as either threats or vulnerabilities
recognize examples of risk categories
recognize the process for conducting a semiquantitative risk analysis
match quantitative risk analysis methods with their corresponding descriptions
match common risk assessment methodologies with corresponding descriptions
recognize risk assessment concepts
perform quantitative risk analysis, given a scenario
CISM: Information Risk Management and Compliance (Part 2)
identify examples of information assets that should be valuated
match valuation methods with corresponding examples
recognize how to classify information assets
match disaster recovery terms with their corresponding definitions
recognize considerations related to outsourcing security services to a third-party provider
determine information asset valuation methodologies used by a given information security manager
perform information asset classification
distinguish between examples of RTOs and RPOs
match risk treatment options with corresponding examples of their use
classify examples of controls
identify types of controls
recognize considerations when planning controls and countermeasures
identify the key responsibilities of an information security manager related to risk monitoring and communication
recognize methods of integrating risk management processes with other life-cycle processes within an organization
determine appropriate actions to effectively manage a given risk
CISM: Information Security Program Development and Management (Part 1)
define the purpose of the Information Security Program Development and Management domain
describe the tasks within Information Security Program Development and Management job practice area
describe the fundamentals of an information security program
recognize how an information security program supports the objectives of information security governance
identify the defining goals of the information security program
identify key information security program concepts
develop an information security program
CISM: Information Security Program Development and Management (Part 2)
describe the function of COBIT 5 in the information security management framework
identify the objectives of the information security management framework
describe the function of ISO/IEC 27001:2013 in the information security management framework
recognize the components of the information security management framework
create an information security program road map
recognize what the information security architecture involves
recognize the questions an information security manager should ask when building an IS architecture
develop an information security management framework
CISM: Information Security Program Development and Management (Part 3)
identify responsibilities of an information security manager related to administering an information security program
identify good practices related to security personnel and positive security culture
identify areas that should be part of a security awareness program
identify areas that an information security manager must be aware of and raise awareness of amongst security personnel
identify responsibilities of an information security manager related to documentation
identify project management processes that are performed by information security managers
recognize key activities of the PDCA methodology
identify key points regarding the evaluation of an information security program
recognize key points related to information security management
recognize key project management responsibilities of an information security manager
recognize key points about evaluating an information security program
CISM: Information Security Program Development and Management (Part 4)
match information organizational roles to their corresponding responsibilities
determine the responsibilities of individuals within an organization related to standard security program components
sequence the steps of a security review, given a scenario
identify key points regarding audits that an information security manager should remember during program implementation
identify preventive measures that minimize security risk
identify the responsibilities of an information security manager with relation to compliance monitoring and enforcement
recognize the results of commonly used risk analysis methods
recognize the responsibilities of an information security manager related to monitoring and compliance
identify activities that allow an information security manager to integrate a security program within an organization
recognize strategies for managing risk of outsourcing when using third-party service providers
recognize examples of cloud computing models
recognize the responsibilities of an information security manager related to process integration and outsourcing
CISM: Information Security Program Development and Management (Part 5)
distinguish between two types of information security controls
recognize principles of effective security control
recognize examples of physical, environmental, and technical controls
distinguish between examples of controls and countermeasures
identify factors to consider when recommending improvements to information security controls
describe types of controls and how they are used in information security management
explain the use of controls and countermeasures to manage risk
categorize examples of information security metrics
determine whether a given metric would be effective
recognize examples of measures used to assess the effectiveness of an information security program
recognize examples of monitoring activities
recognize the relationship between information security metrics, measurement, and monitoring
recognize effective approaches to measuring and monitoring an information security program
recognize strategies for overcoming common challenges to information security management