CISM (Certified Information Security Manager)

• Professional credibility and recognition enhanced
• Career moved ahead rapidly
• Cross-border peer networking boosted
• Earning potential unleashed as CISM certification is among the highest paying IT and impactful certifications that an IT security professional can earn

The training programme aims at improving alignment between your organisation’s information security programme and broader business needs and objectives, and at facilitating career progression of your IS professionals to deliver value to your business:

• Information security programme aligned with your business strategy to attain your organisation’s goals and objectives
• IT security solutions adapted to your business processes based on the corporate culture, tone from the top, technology and organisational structure
• Threat, vulnerability and risk-driven investments in your organisation’s information security initiatives validated

The training course is held 3 days from 9.30 a.m. to 5.00 p.m.

Section 1: Information security governance

1.     Governance and its role for the enterprise

2.     Information security governance explained

3.     Business and IS goals

4.     IT assets and their classification

5.     Business case for IS

6.     GRC concept

7.     Key organizational roles

8.     Measurements of IS

9.     IS strategy

10.  Policies frameworks

11.  Ethics

12.  Culture

13.  3^rd party IS governance

14.  Security controls concepts

15.  Audits

16.  Business Impact assessments

17.  Threat assessments

18.  Vulnerability management

Section 2: Risk management

1.     Concept of risk

2.     Risk management framework

3.     Risk management processes

4.     Risk assessments

5.     Risk handling

6.     Choosing right controls

7.     Operational risk management

8.     Risk monitoring and communication

Section 3: Information Security program development

1.     Concepts of IS program

2.     IS program objectives

3.     IS program roles

4.     IS framework and its components

5.     IS program roadmap

6.     IS Architecture and its components

7.     IS improvement

8.     IS program management activities

9.     IS program operational activities

Section 4: Information Security incident management

1.     Incident management process overview

2.     Incident management roles

3.     Incident management resources

4.     Incident management procedures

5.     Incident response plan and its development

6.     Business continuity and disaster recovery concepts

7.     BCP and DR implementation

8.     BCP and DR testing

9.     Postincident activities

Upon successful completion the participants will be awarded with Course Completion Certificate.