CISM – Certified Information Security Manager

Duration of course

• Course Duration is that of 16 Hours, on two consecutive weekends.

Who should take this course?

• Security Consultants and Managers
• IT Directors and Managers
• Security Auditors and Architects
• Security Systems Engineers
• Chief Information Security Officers (CISOs)
• Information Security Managers
• IS/IT Consultants
• Chief Compliance/Privacy/Risk Officers

Learning Outcomes

• Understanding Information Security Governance.
• Performing Information Risk Management & Compliance.
• Infusing Information Security Program Development and Management.
• Performing Information Security Incident Management

1. Information Security Governance

Part A: Enterprise Governance

• Importance of Information Security Governance
• Organisational Culture
• Legal, Regulatory and Contractual Requirements
• Organisational Structures, Roles and Responsibilities

Part B: Information Security Strategy

• Information Security Strategy Development
• Information Governance Frameworks and Standards
• Strategic Planning

2. Information Security Risk Management

Part A: Information Risk Assessment

• Emerging Risk and Threat Landscape
• Vulnerability and Control Deficiency Analysis
• Risk Analysis, Evaluation and Assessment

Part B: Information Risk Response

• Risk Treatment/Risk Response Options.
• Risk and Control Ownership
• Risk Monitoring and Reporting

3. Information Security Program

Part A: Information Security Program Development

• Information Security Program Overview
• Information Security Program Resources
• Information Asset Identification and Classification
• Industry Standards and Frameworks for Information Security
• Information Security Policies, Procedures and Guidelines
• Defining an Information Security Program Road Map
• Information Security Program Metrics

Part B: Information Security Program Management

• Information Security Control Design and Selection
• Information Security Control Implementation and Integration
• Information Security Control Testing and Evaluation
• Information Security Awareness and Training
• Integration of the Security Program with IT Operations
• Management of External Services and Relationships
• Information Security Program Communications and Reporting

4. Incident Management

Part A: Incident Management Readiness

• Incident Management and Incident Response Overview
• Incident Management and Incident Response Plans
• Business Impact Analysis
• Business Continuity Plan
• Disaster Recovery Plan
• Incident Classification/Categorization
• Incident Management Training, Testing and Evaluation

Part B: Incident Management Operations

• Incident Management Tools and Technologies
• Incident Investigation and Evaluation
• Incident Containment Methods
• Incident Response Communications
• Incident Eradication and Recovery
• Post Incident Review Practices

Delivery Format

• 16 Hours Practical Instructor-led Online Training.
• Case Studies used as reference examples to ensure practical learning.

Trainers & Consultants

The course will be led by certified trainers and consultants. The content of this course is crafted with precision to understand the subject better and will be delivered by highly experienced trainers who have an in-depth knowledge of the subject. We also bring forth an interactive Q & A session and post-training support.

More Information

• The CISM is a desired certification if you have at least five years of information security work experience and at least three years of work experience in three or more job practice analysis areas of information security management. Work experience must be obtained within 10 years of seeking certification or within 5 years of completing the test.
• The following security related qualifications and management experience in information systems can be used to substitute the requisite amount of information security employment experience.

2 Years:

• Certified Information Systems Auditor (CISA) in good standing
• Certified Information Systems Security Professional (CISSP) in good standing
• Post graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

1 Year

• 1 year of experience in information systems management.
• 1 year of experience in general security management.
• Skill based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security +, Disaster Recovery Institute Certified Business
• Continuity Professional (CBCP), ESL IT Security Manager)

Cancellation Policy

• Requests for withdrawal or postponement must be made in writing to Tsaaro Academy.
• Refunds arising from course withdrawal/deferment will be subjected to the following terms:
• More than 2 weeks before course commencement: Full refund.
• Less than 2 weeks before course commencement: 50% refund.
• On or after course commencement: No refund.

Confirmation & Reservation

When registration is confirmed, participants will receive our email confirmation along with information about the course programme. If no seats are available for the applied date, you will be notified immediately and given an alternative date. Tsaaro Academy reserves the right to change the course schedules, programmes and content without prior notice. We also reserve the right to cancel courses due to unforeseen circumstances.

Certificate of Proficiency

Tsaaro Academy is a unique privacy certification training platform where we strive to provide operational leadership, best practices, training, and support for data privacy. PECB is a certification body that provides education and certification under ISO 17024 for individuals in a wide range of disciplines. PECB provides learners with valuable education, evaluation, and certification against rigorous internationally recognized standards. 

For more information regarding our courses, please feel free to contact us. Mobile : +91 77609 23421 E-mail: info@tsaaroacademy.com BOOK YOUR SEAT NOW!