CISM® - Certified Information Security Manager

This CISM certification training from Simplilearn will give you the requisite skillsets to design, deploy and manage security architecture for your organization. The course is aligned with ISACA best practices and is designed to help you pass the CISM exam on your first attempt. Enterprises and government agencies increasingly expect their IT professionals to hold a CISM certification, and it is considered essential to ongoing education and career development. This course will see that you are well-equipped to manage the ongoing security, compliance and governance of your IT organization.

By the end of this training you will be able to:
  • Define and design security architecture for your IT operation
  • Develop a working knowledge of the four domains prescribed by the ISACA Exam Candidate Information Guide 2015
  • Demonstrate a deep understanding of the relationship between information security programs and broader business goals and objectives
  • Focus on IT compliance and the integrity of enterprise systems to establish a more secure enterprise IT framework
  • Earn the 16 CPEs required to take the CISM certification exam
  • Acquire the relevant knowledge and skills required to pass the CISM certification exam
CISM certification is a globally recognized professional requirement in the IT Security domain. This certification is best suited for:
  • Security consultants and managers
  • IT directors and managers
  • Security auditors and architects
  • Security systems engineers
  • Chief Information Security Officers (CISOs)
  • Information security managers
  • IS/IT consultants
  • Chief Compliance/Privacy/Risk Officers

Domain 01: Information Security Governance

1
Lesson 1: Information Security Governance Overview
  • Information Security Governance Overview Part 1
  • Information Security Governance Overview Part 2
  • Information Security Governance Overview Part 3
  • Information Security Governance Overview Part 4
  • Information Security Governance Overview Part 5
  • Importance of Information Security Governance Part 1
  • Importance of Information Security Governance Part 2
  • Outcomes of Information Security Governance Part 1
  • Outcomes of Information Security Governance Part 2
  • Outcomes of Information Security Governance Part 3
  • Outcomes of Information Security Governance Part 4
  • Outcomes of Information Security Governance Part 5
  • Outcomes of Information Security Governance Part 6
2
Lesson 2: Effective Information Security Governance
  • Business Goals and Objectives Part 1
  • Business Goals and Objectives Part 2
  • Roles and Responsibilities of Senior Management Part 1
  • Roles and Responsibilities of Senior Management Part 2
  • Domain Tasks Part 1
  • Domain Tasks Part 2
  • Business Model for Information Security Part 1
  • Business Model for Information Security Part 2
  • Business Model for Information Security Part 3
  • Business Model for Information Security Part 4
  • Dynamic Interconnections Part 1
  • Dynamic Interconnections Part 2
  • Dynamic Interconnections Part 3
  • Dynamic Interconnections Part 4
3
Lesson 3: Information Security Concepts and Technologies
  • Information Security Concepts and Technologies Part 1
  • Information Security Concepts and Technologies Part 2
  • Information Security Concepts and Technologies Part 3
  • Technologies Part 1
  • Technologies Part 2
4
Lesson 4: Information Security Manager
  • Responsibilities
  • Senior Management Commitment Part 1
  • Senior Management Commitment Part 2
  • Obtaining Senior Management Commitment Part 1
  • Obtaining Senior Management Commitment Part 2
  • Establishing Reporting and Communication Channels Part 1
  • Establishing Reporting and Communication Channels Part 2
5
Lesson 5: Scope and Charter of Information Security Governance
  • Assurance Process Integration and Convergence
  • Convergence
  • Governance and Third-Party Relationships
6
Lesson 6: Information Security Governance Metrics
  • Metrics
  • Effective Security Metrics Part 1
  • Effective Security Metrics Part 2
  • Effective Security Metrics Part 3
  • Effective Security Metrics Part 4
  • Security Implementation Metrics
  • Strategic Alignment Part 1
  • Strategic Alignment Part 2
  • Risk Management
  • Value Delivery
  • Resource Management Part 1
  • Resource Management Part 2
  • Performance Measurement
  • Assurance Process Integration/Convergence
7
Lesson 7: Information Security Strategy Overview
  • Another View of Strategy
8
Lesson 8: Creating Information Security Strategy
  • Information Security Strategy
  • Common Pitfalls Part 1
  • Common Pitfalls Part 2
  • Objectives of the Information Security Strategy
  • What is the Goal?
  • Defining Objectives
  • Business Linkages
  • Business Case Development Part 1
  • Business Case Development Part 2
  • Business Case Development Part 3
  • Business Case Objectives
  • The Desired State
  • COBIT
  • COBIT Controls
  • COBIT Framework
  • Capability Maturity Model
  • Balanced Scorecard
  • Architectural Approaches
  • ISO/IEC 27001 and 27002
  • Risk Objectives Part 1
  • Risk Objectives Part 2
9
Lesson 9: Determining Current State Of Security
  • Current Risk Part 1
  • Current Risk Part 2
  • BIA
10
Lesson 10: Information Security Strategy Development
  • The Roadmap
  • Elements of a Strategy
  • Strategy Resources and Constraints
11
Lesson 11: Strategy Resources
  • Policies and Standards
  • Definitions
  • Enterprise Information Security Architectures
  • Controls
  • Countermeasures
  • Technologies
  • Personnel
  • Organizational Structure
  • Employee Roles and Responsibilities
  • Skills
  • Audits
  • Compliance Enforcement
  • Threat Assessment
  • Vulnerability Assessment
  • Risk Assessment
  • Insurance
  • Business Impact Assessment
  • Outsourced Security Providers
12
Lesson 12: Strategy Constraints
  • Legal and Regulatory Requirements
  • Physical Constraints
  • The Security Strategy
13
Lesson 13: Action Plan to Implement Strategy
  • Gap Analysis Part 1
  • Gap Analysis Part 2
  • Gap Analysis Part 3
  • Policy Development Part 1
  • Policy Development Part 2
  • Standards Development
  • Training and Awareness
  • Action Plan Metrics
  • General Metric Considerations Part 1
  • General Metric Considerations Part 2
  • General Metric Considerations Part 3
  • General Metric Considerations Part 4
  • CMM4 Statements
  • Objectives for CMM4
  • Section Review

Knowledge Check

1
Knowledge Check 1

Domain 02: Information Risk Management and Compliance

1
Lesson 1: Risk Management Overview
  • Risk Management Overview
  • Types of Risk Analysis
  • The Importance of Risk Management
  • Risk Management Outcomes
  • Risk Management Strategy
2
Lesson 2: Good Information Security Risk Management
  • Context and Purpose
  • Scope and Charter
  • Assets
  • Other Risk Management Goals
  • Roles and Responsibilities
3
Lesson 3: Information Security Risk Management Concepts
  • Technologies
4
Lesson 4: Implementing Risk Management
  • The Risk Management Framework
  • The External Environment
  • The Internal Environment
  • The Risk Management Context
  • Gap Analysis
  • Other Organizational Support
5
Lesson 5: Risk Assessment
  • NIST Risk Assessment Methodology
  • Aggregated or Cascading Risk
  • Other Risk Assessment Approaches
  • Identification of Risks
  • Threats
  • Vulnerabilities Part 1
  • Vulnerabilities Part 2
  • Risks
  • Analysis of Relevant Risks
  • Risk Analysis
  • Semi-Quantitative Analysis
  • Quantitative Analysis Example
  • Evaluation of Risks
  • Risk Treatment Options
  • Impact
6
Lesson 6: Controls Countermeasures
  • Controls
  • Residual Risk
  • Information Resource Valuation
  • Methods of Valuing Assets
  • Information Asset Classification
  • Determining Classification
  • Impact Part 1
  • Impact Part 2
7
Lesson 7: Recovery Time Objectives
  • Recovery Point Objectives
  • Service Delivery Objectives
  • Third-Party Service Providers
  • Working with Lifecycle Processes
  • IT System Development
  • Project Management Part 1
  • Project Management Part 2
8
Lesson 8: Risk Monitoring and Communication
  • Risk Monitoring and Communication
  • Other Communications
  • Section Review

Knowledge Check

1
Knowledge Check 2

Domain 03: Information Security Program Development and Management

1
Lesson 1: Development of Information Security Program
  • Importance of the Program
  • Outcomes of Security Program Development
  • Effective Information Security Program Development
2
Lesson 2: Information Security Program Objectives
  • Cross Organizational Responsibilities
  • Program Objectives Part 1
  • Program Objectives Part 2
  • Defining Objectives Part 1
  • Defining Objectives Part 2
3
Lesson 3: Information Security Program Development Concepts Part 1
  • Information Security Program Development Concepts Part 2
  • Technology Resources
  • Information Security Manager
4
Lesson 4: Scope and Charter of Information Security Program Development
  • Assurance Function Integration
  • Challenges in Developing Information Security Program
  • Pitfalls
  • Objectives of the Security Program
  • Program Goals
  • The Steps of the Security Program
  • Defining the Roadmap Part 1
  • Defining the Roadmap Part 2
  • Elements of the Roadmap Part 1
  • Elements of the Roadmap Part 2
  • Elements of the Roadmap Part 3
  • Elements of the Roadmap Part 4
  • Elements of the Roadmap Part 5
  • Gap Analysis
Lesson 5: Information Security Management Framework
  • Security Management Framework
  • COBIT 5
  • ISO/IEC 27001
5
Lesson 6: Information Security Framework Components
  • Operational Components Part 1
  • Operational Components Part 2
  • Management Components
  • Administrative Components
  • Educational and Informational Components
6
Lesson 7: Information Security Program Resources
7
Lesson 8: Implementing an Information Security Program
  • Policy Compliance
  • Standards Compliance
  • Training and Education
  • ISACA Control Objectives
  • Third-party Service Providers Part 1
  • Third-party Service Providers Part 2
  • Integration into Lifecycle Processes
  • Monitoring and Communication
  • Documentation
  • The Plan of Action Part 1
  • The Plan of Action Part 2
8
Lesson 9: Information Infrastructure and Architecture
  • Managing Complexity Part 1
  • Managing Complexity Part 2
  • Objectives of Information Security Architectures Part 1
  • Objectives of Information Security Architectures Part 2
  • Physical and Environmental Controls
9
Lesson 10: Information Security Program
  • Information Security Program Deployment Metrics
  • Metrics
  • Strategic Alignment
  • Risk Management
  • Value Delivery
  • Resource Management
  • Assurance Process Integration
  • Performance Measurement
  • Security Baselines
10
Lesson 11: Security Program Services and Operational Activities
  • IS Liaison Responsibilities Part 1
  • IS Liaison Responsibilities Part 2
  • Cross-Organizational Responsibilities
  • Security Reviews and Audits Part 1
  • Security Reviews and Audits Part 2
  • Management of Security Technology
  • Due Diligence Part 1
  • Due Diligence Part 2
  • Compliance Monitoring and Enforcement Part 1
  • Compliance Monitoring and Enforcement Part 2
  • Assessment of Risk and Impact Part 1
  • Assessment of Risk and Impact Part 2
  • Outsourcing and Service Providers
  • Cloud Computing Part 1
  • Cloud Computing Part 2
  • Cloud Computing Part 3
  • Integration with IT Processes
  • Section Review

Knowledge Check

1
Knowledge Check 3

Domain 04: Information Security Incident Management

1
Lesson 1: Incident Management Overview Part 1
  • Incident Management Overview Part 2
  • Incident Management Overview Part 3
  • Types of Events Part 1
  • Types of Events Part 2
  • Goals of Incident Management Part 1
  • Goals of Incident Management Part 2
  • Goals of Incident Management Part 3
2
Lesson 2: Incident Response Procedures Part 1
  • Incident Response Procedures Part 2
  • Importance of Incident Management
  • Outcomes of Incident Management
  • Incident Management
  • Concepts Part 1
  • Concepts Part 2
  • Concepts Part 3
  • Incident Management Systems Part 1
  • Incident Management Systems Part 2
3
Lesson 3: Incident Management Organization
  • Responsibilities Part 1
  • Responsibilities Part 2
  • Responsibilities Part 3
  • Senior Management Commitment
4
Lesson 4: Incident Management Resources
  • Policies and Standards
  • Incident Response Technology Concepts
  • Personnel
  • Roles and Responsibilities (eNotes)
  • Skills
  • Awareness and Education
  • Audits
5
Lesson 5: Incident Management Objectives
  • Defining Objectives
  • The Desired State
  • Strategic Alignment
  • Other Concerns
6
Lesson 6: Incident Management Metrics and Indicators
  • Implementation of the Security Program Management
  • Management Metrics and Monitoring Part 1
  • Management Metrics and Monitoring Part 2
  • Other Security Monitoring Efforts
7
Lesson 7: Current State of Incident Response Capability
  • Threats
  • Vulnerabilities
Lesson 8: Developing an Incident Response Plan
  • Elements of an Incident Response Plan
  • Gap Analysis
  • BIA Part 1
  • BIA Part 2
  • Escalation Process for Effective IM
  • Help Desk Processes for Identifying Security Incidents
  • Incident Management and Response Teams
  • Organizing, Training, and Equipping the Response Staff
  • Incident Notification Process
  • Challenges in making an Incident Management Plan
8
Lesson 9: BCP/DRP
  • Goals of Recovery Operations Part 1
  • Goals of Recovery Operations Part 2
  • Choosing a Site Selection Part 1
  • Choosing a Site Selection Part 2
  • Implementing the Strategy
  • Incident Management Response Teams
  • Network Service High-availability
  • Storage High-availability
  • Risk Transference
  • Other Response Recovery Plan Options
9
Lesson 10: Testing Response and Recovery Plans
  • Periodic Testing
  • Analyzing Test Results Part 1
  • Analyzing Test Results Part 2
  • Measuring the Test Results
10
Lesson 11: Executing the Plan
  • Updating the Plan
  • Intrusion Detection Policies
  • Who to Notify about an Incident
  • Recovery Operations
  • Other Recovery Operations
  • Forensic Investigation
  • Hacker / Penetration Methodology
  • Section Review
You will gain access to our e-learning content, practice simulation tests to help you tackle the toughest CISM exam questions and an online participant handbook to cross-reference and reinforce your learning.
No. The CISM exam fee is not included in the course fee as it is directly paid to ISACA for membership, application and examination.
ISACA uses and reports scores on a common scale of 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. You must achieve a score of 450 or higher to pass the CISM exam.
The CISM Certification cost varies from $450 - $760 based on the type of registration and whether you are a registered member or not. For additional information, please visit: http://www.isaca.org/certification/pages/exam-registration.aspx
After successful completion of the CISM training, you will be awarded the course completion certificate along with the 16 CPE certificate from Certs Learning.
CISM exams are conducted three times a year, in July, September and December. To find exam locations and dates please visit: www.isaca.org/certification/pages/exam-locations.aspx
If you are unable to take the exam, you can request a deferral of your registration fees to the next exam date. To learn more about deferring your exam, including deferral deadlines and costs, please visit: http://www.isaca.org/certification/pages/exam-deferral.aspx.
Yes, we do provide assistance for the exam application process. You can submit any questions
Our CISM certification training is designed for you to pass the exams on your first attempt. With a hands-on learning approach and Global Learning Framework, the training not only gives you the confidence to pass the exam, but also helps you retain knowledge beyond the exam.
Yes, you can cancel your enrollment if necessary. We will refund the course price after deducting an administration fee. To learn more, please read our Refund Policy.
Contact us using the form on the right of any page on the CertsLearning website, or select the Live Chat link. Our customer service representatives can provide you with more details.
Our teaching assistants are a dedicated team of subject matter experts here to help you get certified on your first attempt. They engage students proactively to ensure the course path is being followed and help you enrich your learning experience, from class onboarding to project mentoring and job assistance. Teaching Assistance is available during business hours.
We offer 24/7 support through email, chat, and calls. We also have a dedicated team that provides on-demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.
