Certified Information Security Manager (CISM)
The CISM certification, with its management-oriented approach, champions global security standards and recognizes professionals who are responsible for the management, design, supervision, and evaluation of an organization’s information security. CISM is a universally acknowledged standard of excellence in this domain, and the need for proficient information security management experts is steadily increasing.
What Will I Learn?
- 1. Information Security Governance: You will gain an understanding of the principles and practices of information security governance, including the establishment of an effective governance framework and aligning security with business goals.
- 2. Risk Management: CISM covers risk management concepts and techniques, helping you identify, assess, and manage information security risks within an organization.
- 3. Information Security Program Development and Management: You will learn how to design, develop, and manage an information security program tailored to an organization's needs. This includes strategies for policy development and program implementation.
- 4. Information Security Incident Management: CISM teaches you how to effectively plan, establish, and manage an incident response and recovery process. You'll learn how to handle security incidents and breaches.
- 5. Information Security Management: The training covers core information security management concepts, including security frameworks, standards, and best practices, such as ISO/IEC 27001, NIST, and COBIT.
- 6. Security Control Design and Implementation: You'll gain insights into designing and implementing security controls and measures to protect information assets. This includes technical and administrative controls.
- 7. Security Governance Metrics: CISM covers the development and use of security metrics and key performance indicators (KPIs) to measure and communicate the effectiveness of information security governance.
- 8. Security Policies and Procedures: You will learn how to develop and implement security policies, procedures, and guidelines, ensuring compliance with industry standards and regulations.
- 9. Legal and Regulatory Compliance: The training includes understanding legal and regulatory requirements related to information security and ensuring that an organization remains compliant.
- 10. Business Continuity and Disaster Recovery Planning: CISM addresses business continuity and disaster recovery planning, helping organizations prepare for and recover from disruptive incidents.
- 11. Security Awareness and Training: You'll understand the importance of creating a culture of security within an organization and how to develop security awareness and training programs for employees.
- 12. Ethics and Professionalism: CISM emphasizes the ethical and professional conduct expected of information security managers and professionals.
- 13. International Standards and Frameworks: The certification aligns with international standards and frameworks, including ISO/IEC 27001, ISO/IEC 27002, and COBIT, ensuring a global perspective on information security management.