• Online, Instructor-Led
  • Classroom

Designed for IT professionals with technical >Information risk management

Information security program development
Information security program management
Incident management and response
expertise and experience in IS/IT security and control looking to transition from team player to manager. CISM can add credibility and confidence to interactions with internal and external stakeholders, peers and regulators.
This certification indicates expertise in information security governance, program development and management, incident management and risk management. If you are a mid-career IT professional aspiring to senior management roles in IT security and control, CISM can get you the visibility you need

Learning Objectives

Explain the relationship between executive leadership, enterprise governance and information security governance.
Outline the components used to build an information security strategy.
Explain how the risk assessment process influences the information security strategy.
Articulate the process and requirements used to develop an effective information risk response strategy.
Describe the components of an effective information security program.
Explain the process to build and maintain an enterprise information security program.
Outline techniques used to assess the enterprise’s ability and readiness to manage an information security incident.
Outline methods to measure and improve response and recovery capabilities.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):