CISM: Certified Information Security Manager


Course ID: CISM 4 Days



CISM – Certified Information Security Manager – The CISM certification is the primary certification for information security professionals who manage, design, oversee and/or assess an enterprise’s information security.

In comparison to other certifications, CISM covers a wide body of knowledge. It is therefore recommended by the sponsoring organization, ISACA, that those sitting for the CISM certification attend a training session.

We offer a most comprehensive CISM review course in a 4-day boot camp format for those wishing to thoroughly prepare for the CISM exam. Every student attending the CISM Boot Camp progresses through a number of skill checks to ensure knowledge is retained. The instructors for the CISM Boot Camp are certified with the CISM designation. Our Exam Preparation workshops are specifically designed to cover the new material that will be on the 2012 exams.



Experienced information security managers and those who have information security management responsibilities, including:

  • IT consultants
  • Auditors
  • Security policy writers
  • Privacy officers
  • Information security officers
  • Network administrators
  • Security device administrators
  • Security engineers





Instructor-led / Virtual Instructor-led

Singapore: SGD3,950
Malaysia: MYR9,000
Thailand: THB42,000
India: USD3,000


  • Five years of experience with audit, IT systems, and security of information systems
  • Systems administration experience
  • Familiarity with TCP/IP
  • Understanding of UNIX, Linux, and Windows
  • This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course


Upon the completion of our CISM Exam Prep, students will be familiar with the following concepts:

  • Information Security Governance
  • An information security steering group function
  • Legal and regulatory issues associated with Internet businesses, global transmissions and transborder data flows
  • Common insurance policies and imposed conditions
  • Information security process improvement
  • Recovery time objectives (RTO) for information resources
  • Cost benefit analysis techniques in assessing options for mitigating risks, threats and exposures to acceptable levels.
  • Security metrics design, development and implementation.
  • Information security management due diligence activities and reviews of the infrastructure.
  • Events affecting security baselines that may require risk reassessments
  • Changes to information security requirements in security plans, test plans and reperformance
  • Disaster recovery testing for infrastructure and critical business applications.
  • The requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, quality and completeness of evidence.
  • External vulnerability reporting sources
  • The key components of cost benefit analysis and enterprise migration plans
  • Privacy and tax laws and tariffs, data import/export restrictions, restrictions on cryptography, warranties, patents, copyrights, trade secrets, national security
  • CISM information classification methods
  • Life-cycle-based risk management principles and practices.
  • Security baselines and configuration management in the design and management of business applications and the infrastructure.
  • Acquisition management methods and techniques
  • Evaluation of vendor service level agreements, preparation of contracts
  • CISM question and answer review


Module 1: Information Security Governance

  • Intro and Benefits of Information Security Governance
  • Components of Governance Framework
  • Roles & Responsibilities
  • Information Security Metrics
  • Information Security Strategy Frameworks
  • Information Security Implementation Program Frameworks

Module 2: Information Risk Management and Compliance

  • Introduction
  • Information Asset Classification and Protection
  • Roles & Responsibilities
  • Introduction to Risk Management
  • Risk Management Process
  • Risk Identification
  • Risk Treatment
  • Controls
  • Risk Monitoring and Analysis
  • HR Risk
  • Risk Reporting

Module 3: Information Security Programme Development and Management

  • Introduction
  • Outcomes
  • IS Program
  • Framework Components
  • IS Program Roadmap
  • Information Security Infrastructure and Architecture
  • Security Program Management Administration
  • Services and Operational Activities
  • Controls
  • Review and Audit

Module 4: Information Security Incident Management

  • Introduction
  • Objectives
  • Incident Management Procedures
  • Developing Incident Response Plan
  • Roles and Responsibilities
  • Content of the Incident Response Plan
  • Business Continuity and Disaster Recovery Procedures
