CISM® - Certified Information Security Manager
The CISM certification program was developed by ISACA for experienced information security management professionals who have experience developing and managing information security programs and who understand the program's relationship to the overall business goals. The CISM exam consists of 200 multiple-choice questions that cover the four CISM domains. The American National Standards Institute (ANSI) has accredited the CISM certification program under ISO/IEC 17024:2003, General Requirements for Bodies Operating Certification Systems of Persons.
About this Course
The CISM course is blended learning, combining classroom instruction (remote-live) and self-paced training.
Outline
Domain 1: Information Security Governance
Develop an information security strategy, aligned with business goals and directives. Establish and maintain an information security governance framework. Integrate information security governance into corporate governance. Develop and maintain information security policies. Develop business cases to support investments in information security. Identify internal and external influences to the organization. Gain ongoing commitment from senior leadership and other stakeholders. Define, communicate and monitor information security responsibilities. Establish internal and external reporting and communication channels.
Domain 2: Information Risk Management
Establish and/or maintain a process for information asset classification to ensure that measures taken to protect assets are proportional to their business value. Identify legal, regulatory, organizational and other applicable requirements to manage the risk of noncompliance to acceptable levels. Ensure that risk assessments, vulnerability assessments and threat analyses are conducted consistently, and at appropriate times, to identify and assess risk to the organization’s information. Identify, recommend or implement appropriate risk treatment/response options to manage risk to acceptable levels based on organizational risk appetite. Determine whether information security controls are appropriate and effectively manage risk to an acceptable level. Facilitate the integration of information risk management into business and IT processes to enable a consistent and comprehensive information risk management program across the organization. Monitor for internal and external factors (e.g., threat landscape, cybersecurity, geopolitical, regulatory change) that may require a reassessment of risk to ensure that changes to existing or new risk scenarios are identified and managed appropriately. Report noncompliance and other changes in information risk to facilitate the risk management decision-making process. Ensure that information security risk is reported to senior management to support an understanding of the potential impact on the organizational goals and objectives.
Domain 3: Information Security Program Development & Management
Develop a security program, aligned with information security strategy. Ensure alignment between the information security program and other business functions. Establish and maintain requirements for all resources to execute the IS program. Establish and maintain IS architectures to execute the IS program. Develop documentation that ensures compliance with policies. Develop a program for information security awareness and training. Integrate information security requirements into organizational processes. Integrate information security requirements into contracts and activities of third parties. Develop procedures (metrics) to evaluate the effectiveness and efficiency of the IS program. Compile reports to key stakeholders on the overall effectiveness of the IS program and the underlying business processes in order to communicate security performance.
Domain 4: Information Security Incident Management
Define (types of) information security incidents. Establish an incident response plan. Develop processes for timely identification of information security incidents. Develop processes to investigate and document information security incidents. Develop incident escalation and communication processes. Establish teams that effectively respond to information security incidents. Test and review the incident response plan. Establish communication plans and processes. Determine the root cause of IS incidents. Align the incident response plan with DRP and BCP.
Exam Details
Exam: CISM® - Certified Information Security Manager
Exam Pass Guarantee
At Microtrain we are committed to your success! Let us show you the return you get from great tech training. We will personally guarantee that if you take our class and follow our program you will be successfully certified!
Raves & Praise
David
A Cisco Success Story
I attended a resume writing seminar & conducted mock phone interviews with a Microtrain career counselor. These two activities gave me a leg up on distinguishing myself from all the other people looking for work. Since the career counselors at Microtrain had a track record of getting people hired, their insight and positive past experiences helped me tremendously in getting hired with a Cisco Voice Systems Integrator in the Chicago area. I was hired as a Cisco Voice Tech Engineer with a starting salary of $65,000 / year with a Cisco voice systems reseller located in the Chicagoland area. Microtrain was very instrumental in making this a reality. From expediting my WIA grant, to providing excellent hands-on training from knowledgeable instructors, I was able to achieve becoming certified with my CCNP. Microtrain's career services was the final catalyst in connecting me with this company by communicating with them on my behalf and with me in setting up the interview. One week later and I was hired. No joke. Thanks Microtrain!
Jean S.
PMP Certification Training, Lombard, 2008
I was laid off for many months and not really getting many callbacks for my resume and no job offers. After I put the letters PMP on it, not only did I see an increase in quantity, but also quality of interviews. I had been spinning my wheels for 5 months, and after the PMP went on, I had 2 job offers in 6 weeks. It really was the "golden ticket."
Christopher Fowler
MCSA
Very thorough, good mix of lecture and lab work. Al is great! Keeps classes interesting and supplements required test material with need-to-know items from real world experience.
Scott Wilson - Team Bradley
Employer Partner Feedback
Dawn has been a pleasure to work with. She is diligent in her efforts to give MicroTrain’s students the best opportunities to connect and network with various companies and players in the job market. The curriculums and certification programs are in line with today’s current IT needs. It’s good to see that they evolve with what employers are most seeking out there. I would recommend to any employer that hires skilled IT workers that they look into MicroTrain’s career services department as a potential source of candidates. The business of hiring can be quite costly, and Dawn and her staff provide a free service to outside companies. This value-add for MicroTrain’s students aligns with their mission in both training and job assistance to set up a win/win scenario for all involved.
Jennie
Student Employment Success - Project/Process Manager
My Career Services Manager was very friendly and helpful and had excellent follow-up. She seemed to really care how things were going and kept me moving in the right direction. The resources available in job search were great and the visibility that there were jobs out there looking for my skillset was promising. Additionally, the training, as well as having an updated resume stating the Microtrain course work I had taken made me feel more confident and marketable as I looked for employment. It showed that I was dedicated and took project management and process management seriously.