Certified Information Security Manager Course (CISM)

This course is designed for managers and senior professionals in information security who intend to take the Certified Information Security Manager (CISM) examination. Recognised internationally, CISM certification is issued by the Information Systems Audit and Control Association (ISACA). The curriculum covers all four of the key domains addressed in the exam: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.

Overview

Tutor - Graeme Parker, Managing Director at Parker Solutions Group

As a Cyber Security and Risk Management professional, Mr. Graeme Parker is equipped with highly valuable technical business skills obtained in high profile private and public sector organizations.

With a proven experience in successfully implementing Information Risk Management Frameworks, as well as developing Effective Management Systems for Risk and Governance, his focus remains in shaping deliverable Cyber and Information Security strategies. Leading several projects to drive organizations through the successful implementation of ISO/IEC 27001, PCI-DSS and various compliance frameworks, Mr. Parker applies his knowledge and experience across many areas of security, including developing security architectures, business processes and procedures, training programs, risk frameworks, audit programs and business continuity plans.

Adding to his consulting competencies, Mr. Parker is also a certified trainer delivering courses to clients across the globe on topics such as ISO/IEC 27001, ISO 22301, Privacy and Data Protection, CISA, CISSP, CISM and Risk Management. Presently the Managing Director of PECB UK & Ireland and Parker Solutions Group, Mr. Parker is a former member of Capita Business Services, Fujitsu Services, the UK National Health Service, and the Yorkshire Bank.

Prerequisites

Participants must possess basic knowledge about the different domains that will be addressed in the CISM exam. The course is an intensive review in preparation for the examination, not basic training.

Participants must understand English since the provided documentation is written in that language.

Exam

The certification exam is not included with the course. To apply for the examination, go to the official web site of ISACA (www.isaca.org).

CISM certification is based on a multiple-choice exam consisting of 150 questions about the 4 domains – Length: 4 hours.

Agenda

• Information Security Governance
• Information Risk Management and Compliance
• Information Security Program Development and Management
• Information Security Incident Management
• Exam Preparation: Practice Exam, questions-answers

Learning Outcomes

• Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations
• Identify and manage information security risks to achieve business objectives
• Design, develop and manage an information security program to implement the information security governance framework
• Oversee and direct information security activities to execute the information security program
• Develop and manage a capability to respond to and recover from disruptive and destructive information security events
• Fully understand the theory and practice of the 37 task statements and 60 knowledge statements