CISM Syllabus

This document outlines the course syllabus for a Certified Information Security Manager (CISM) certification preparation course. The course aims to teach students the core concepts needed to pass the CISM exam and understand the role of a security manager. It is designed for IT and security professionals and covers four modules: governance, risk management, information security program development, and incident management. The course uses lessons, readings, and activities to instruct students on each of the CISM domains over its multiple week timeline.

Uploaded by

Birhan

Course Syllabus

Certified Information Security Manager (CISM)


Instructor Name: Kelly Handerhan
Course Creation Date: 9/29/22

Course Description and Goals

Course Description: This course will prepare you to understand the core concepts required of
a security manager, as well as pass the CISM certification exam.

Prerequisites: While there are no prerequisites for this course, we assume you have
experience in the field of information assurance management. The CISM exam does require five
years of security experience and/or appropriate education to obtain the certification.

Target Audience: This course is designed for IT and information security professionals,
including network engineers, network administrators, IT auditors, IT managers, and anyone else
who wants to learn more about information security management. If you want to advance your
career in IT security or are interested in earning the CISM certification, then you are in the right
place.

Course Outcomes: By the end of this course, you should be able to:

● Pass the CISM exam and know all four CISM domains.
● Understand the role a CISM plays in an organization.
● Present the business value and requirements of information security.

Brought to you by: Develop your team with the fastest growing catalog in the
cybersecurity industry. Enterprise-grade workforce development
management, advanced training features and detailed skill gap and
competency analytics.
Course Outline

Module 1 | Governance
● Lesson 1.1: Introduction and Overview
● Lesson 1.2: Information Security Governance
● Lesson 1.3: Frameworks
● Lesson 1.4: Governance, Risk, and Compliance
● Lesson 1.5: COBIT 2019
● Lesson 1.6: ISO 27000 Series
● Lesson 1.7: NIST Cybersecurity Framework
● Lesson 1.8: General Data Privacy Regulation (GDPR)
● Lesson 1.9: Capability Maturity Model Integration (CMMI)
● Lesson 1.10: Legal and Compliance
● Lesson 1.11: Information Security Strategy
● Lesson 1.12: Organizational Culture

Module 2 | Risk Management


● Lesson 2.1: Risk Definitions
● Lesson 2.2: Bias
● Lesson 2.3: Developing a Risk Management Program
● Lesson 2.4: NIST 800-39
● Lesson 2.5: NIST 800-30
● Lesson 2.6: Risk Management Lifecycle
● Lesson 2.7: Risk Assessment and Analysis
● Lesson 2.8: NIST SP 800-37 Rev 1 and SDLC
● Lesson 2.9: Risk Response
● Lesson 2.10: Risk Action Plan
● Lesson 2.11: Risk Acceptance
● Lesson 2.12: Risk Mitigation
● Lesson 2.13: Risk Avoidance, Sharing, and Transfer
● Lesson 2.14: Risk Scenarios
● Lesson 2.15: Risk Register
● Lesson 2.16: Cost-Benefit Analysis and ROI
● Lesson 2.17: Risk Monitoring and Communications
● Lesson 2.18: Risk Governance and Management
● Lesson 2.19: Risk Review

Module 3 | Information Security Program


● Lesson 3.1: Information Security Program Concepts
● Lesson 3.2: Elements of an Information Security Program
● Lesson 3.3: Business Case and Budget
● Lesson 3.4: Asset Identification and Classification
● Lesson 3.5: Management Controls
● Lesson 3.6: Operational Controls - Part 1
● Lesson 3.7: Operational Controls - Part 2
● Lesson 3.8: Technical Controls
● Lesson 3.9: Symmetric Cryptography
● Lesson 3.10: Asymmetric Cryptography
● Lesson 3.11: Integrity and Non-Repudiation
● Lesson 3.12: Data Security and Endpoint Protection
● Lesson 3.13: Network Protection - Segmentation
● Lesson 3.14: Network Address Translation
● Lesson 3.15: Wireless Networks
● Lesson 3.16: Network Services
● Lesson 3.17: Cloud Integration

Module 4 | Incident Management


● Lesson 4.1: Incident Management Overview
● Lesson 4.2: Incident Management Processes
● Lesson 4.3: Incident Response Plan
● Lesson 4.4: Business Continuity and Disaster Recovery Planning
● Lesson 4.5: Contingency Planning and Sub-Planning
● Lesson 4.6: Contingency Planning and Project Initiation
● Lesson 4.7: Business Impact Analysis (BIA)
● Lesson 4.8: Preventative Controls and Contingency Strategies
● Lesson 4.9: Data Backup and Recovery Phase
● Lesson 4.10: Components of Contingency Plans
● Lesson 4.11: Plan Testing, Training, and Exercise
● Lesson 4.12: ISO 27031
● Lesson 4.13: Course Conclusion
