Welcome to Comnet Group Inc.

Courses

Certified Information Security Manager (CISM®)

Course number: CGICISM40 - 3 Days (weekdays or on-demand)

This course equips professionals with the knowledge and skills to manage and govern an enterprise’s information security program effectively. The course provides preparation for the CISM certification exam, covering key domains such as risk management, governance, and incident response.

Course Objectives

By the end of this course, participants will be able to:

  • Develop, implement, and manage an enterprise information security program.
  • Establish governance frameworks for information security policies and procedures.
  • Conduct risk assessments and implement risk mitigation strategies.
  • Ensure compliance with industry regulations and legal requirements.
  • Oversee security incident management and response strategies.
  • Align information security with business objectives and IT governance.
Prerequisites
  • CISM is intended for information security professionals with at least five years of relevant work experience and at least three years in the role of information security manager.
Target Audience

Information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification.

Certification

CISM by ISACA

Exam

CISM Exam

Accreditation

Post class completion, students can appear for the CISM exam.

Course Content
Domain 1: Information Security Governance
  • Enterprise Governance Overview
  • Organizational Culture, Structures, Roles and Responsibilities
  • Legal, Regulatory and Contractual Requirements
  • Information Security Strategy
  • Information Governance Frameworks and Standards
  • Strategic Planning
Domain 2: Information Risk Management
  • Risk and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Assessment, Evaluation and Analysis
  • Information Risk Response
  • Risk Monitoring, Reporting and Communication
Domain 3: Information Security Program Development & Management
  • IS Program Development and Resources
  • IS Standards and Frameworks
  • Defining an IS Program Road Map
  • IS Program Metrics
  • IS Program Management
  • IS Awareness and Training
  • Integrating the Security Program with IT Operations
  • Program Communications, Reporting and Performance Management
Domain 4: Information Security Incident Management
  • Incident Management and Incident Response Overview
  • Incident Management and Response Plans
  • Incident Classification/Categorization
  • Incident Management Operations, Tools and Technologies
  • Incident Investigation, Evaluation, Containment and Communication
  • Incident Eradication, Recovery and Review
  • Business Impact and Continuity
  • Disaster Recovery Planning
  • Training, Testing and Evaluation

Available Formats

Live Online
Register
To use reCAPTCHA you must get an API key from https://www.google.com/recaptcha/admin