Overview

This Official ISACA Certified Information Security Manager (CISM) training course focuses on the construction, development, and governance of information security operations. Possession of this certification displays precise knowledge, practice, and copious amounts of experience in the realm of information security management. This CISM training course takes into account practical issues, like the creation of information security programs, and incident management, whilst promoting security practices used globally. CISM teaches delegates how to tailor ever-changing technology to their enterprises. This enables the enterprises to emerge as a valuable organisation and may expand their clientele due to their implementation of CISM certified individuals.

This certification is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.

The demand for skilled information security management professionals is increasing, hence this ISACA CISM certification fulfils business needs. CISM has been accepted as the universal standard to strive towards within the sphere of information security, thus depicting the qualification as a prominent representation of expertise and commitment. This causes CISM holders to be identified as the most certified professionals in the information security realm and means delegates can recognise the link between information security programs and the larger goals of the organisation.

The four domains are as follows:

1. Information Security Governance

2. Information Risk Management and Compliance

3. Information Security Program Development and Management

4. Information Security Incident Management

Learners will receive, within 48hrs of booking, their 12-month digital courseware subscription, study resources, and an official ISACA CISM exam voucher. Learners must book onto the QA official ISACA CISM Exam Prep event (they run monthly), although it is not mandatory to attend. However, we encourage this, as it will help best understand how to navigate the ISACA CISM study platform, we provide tricks and tips for the using the various ISACA CISM study materials, and most important - guidance on the best approach to prepare for the CISM certification exam. The event is hosted by an experienced ISACA authorised CISM instructor – a bonus for the learner.

As an ISACA Official Training Provider, we only use official courseware developed by ISACA to ensure your training is relevant and up to date. Our instructors are verified security experts who hold the CISM and have completed intensive training to teach ISACA content.

Read more +

Prerequisites

There are no prerequisites to learn CISM from this tutorial. However, to get the CISM certification you need to:

  • Pass the CISM examination
  • Submit an application for CISM certification
  • Pay a $50 application fee directly to ISACA
  • Adhere to the Code of Professional Ethics
  • Dedicate to the Continuing Professional Education Program
  • Compliance with the Information Security Standards

The examination is open to all individuals who have an interest in information security. A minimum of 5 years of professional information systems auditing, control or security work experience is required for the CISM certification.

Read more +

Delegates will learn how to

This CISM course will give you the requisite skillsets to design, deploy and manage security architecture for your organisation. The course is aligned with ISACA best practices and is designed to help you pass the CISM exam on your first attempt. Enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification, and it is considered essential to ongoing education and career development. This course will see that you are well-equipped to manage the ongoing security, compliance and governance of your IT organisation.

CISM Domains Weight:

Domain 1: Information Security Governance (17%)

Domain 2: Information Risk Management (20%)

Domain 3: Information Security Program Development and Management (33%)

Domain 4: Information Security Incident Management (30%)

Read more +

Outline

This official ISACA CISM training course covers the following areas:

  • Introduction to Certified Information Security Manager (CISM)
  • Objectives and Expectations
  • What is Information Security?
  • The Goals of Information Security
  • Principles for Information Security Professionals

Domain 1 – Information Security Governance

  • Introduction to Information Security Governance
  • Effective Information Security Governance
  • Governance and Third Party Relationships
  • Information Security Metrics
  • Information Security Governance Metrics
  • Information Security Strategy
  • Information Security Strategy Development
  • Strategy Resources and Constraints
  • Other Frameworks
  • Compliances
  • Action Plans to Implement Strategy
  • Governance of Enterprise IT

Domain 2 – Information Risk Management and Compliance

  • Information Risk Management
  • Risk Management Overview
  • Risk Assessment
  • Information Asset Classification
  • Assessment Management
  • Information Resource Valuation
  • Recovery Time Objectives
  • Security Control Baselines
  • Risk Monitoring
  • Training and Awareness
  • Information Risk Management Documentation

Domain 3 – Information Security Program Development and Management

  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Information Security Program Technology Resources
  • Information Security Program Development
  • Information Security Program Framework
  • Information Security Program Roadmap
  • Enterprise Information Security Architecture (EISA)
  • Security Program Management and Administration
  • Security Program Services and Operational Activities
  • Controls
  • Security Program Metrics and Monitoring
  • Measuring Operational Performance
  • Common Information Security Program Challenges

Domain 4 – Information Security Incident Management

  • Incident Management Overview
  • Incident Management Procedures
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Business Continuity and Disaster Recovery Procedures
  • Post Incident Activities and Investigation
  • ISACA Code of Professional Ethics
  • Laws and Regulations
  • Policy Versus Law Within an Organisation
  • Ethics and the Internet IAB

Read more +

Why choose QA

Need to know

Frequently asked questions

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Let's talk

By submitting this form, you agree to QA processing your data in accordance with our Privacy Policy and Terms & Conditions. You can unsubscribe at any time by clicking the link in our emails or contacting us directly.