What's In It for Me
- CISM – Certified Information Security Manager – is the most widely accepted certification for an Information Security Manager who is able to effectively secure the enterprise by managing risks and threats.
- Certification holders are consistently recognized among the most-qualified professionals in the information security and risk management fields.
- CISM holders are also able to promote international security practices.
- As a part of the course, learners will receive this courseware:
- 16th edition of CISM review manual (physical book)
- Digital questions, answers, enquiries (12 months subscription)
Course Overview
The 5-day (40-hour) curriculum is designed for candidates to demonstrate their skill and competency in 38 Task areas and 72 Knowledge areas under the 4 Domains.
The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, oversees and assesses an enterprise’s information security.
This course prepares participants to sit for the CISM examination; they can apply for certification within 5 years of having passed the exam. (Full details of the CISM certification requirements can be found at https://www.isaca.org/credentialing/cism/get-cism-certified)
Course Objectives
Upon completing this course, participants will gain a comprehensive, up-to-date and in-depth knowledge of the following:
- Information Security Governance and creating value
- Enterprise risk management and countermeasures
- Information Security Program Management and evaluation
- The Incident Management process and operation review
Pre-requisites
Below are the certification requirements. If you are taking the course just for knowledge, it is not mandatory to meet them:
- 5+ years of experience in technical IT security or Cybersecurity
- Experience in information security management is mandatory
- Experience in general information security is optional
- At least a graduate degree qualification, with or without a major (honours)
- Appropriate managerial skills with knowledge of relevant tools and techniques
- Proficiency in the English language equivalent to the GCE O Level is expected
*To find out more about certification, go to: https://www.isaca.org/credentialing/cism/get-cism-certified
Hardware & Software
- This course will be conducted as a Virtual Live Class (VLC) via the Zoom platform.
- Participants must own a Zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. Download from zoom.us/download.
System Requirement
Must-have:
Please ensure that your computer or laptop meets the following requirements.
Good-to-have:
Not recommended:
Course Outline
Chapter 1 Information Security Governance
- Introduction to Information Security Governance
- Effective Information Security Governance
- Risk Management Roles and Responsibilities
- Governance of Third-Party Relationships
- Information Security Governance Metrics
- Information Security Strategy Overview
- Information Security Strategy Objectives
- Determining the Current State of Security
- Information Security Strategy Development
- Strategy Resources & Constraints
- Action Plan to Implement Strategy
- Information Security Program Objectives
- Case Study
Chapter 2 Information Risk Management
- Risk Management Overview
- Risk Management Strategy
- Effective Information Risk Management
- Information Risk Management Concepts
- Implementing Risk Management
- Risk Management and Analysis Methodologies
- Risk Assessment
- Information Asset Classification
- Operational Risk Management
- Third-party Service Providers
- Risk Management Integration with Life Cycle Processes
- Security Control Baselines
- Risk Monitoring and Communication
- Training and Awareness
- Documentation
- Case Study
Chapter 3 Information Security Program Development and Management
- Overview, Objectives and Concepts
- Scope and Charter of an Information Security Program
- The Information Security Management Framework
- Information Security Framework Components
- Defining an Information Security Program Roadmap
- Information Security Infrastructure and Architecture
- Architecture Implementation
- Security Program Management and Administrative Activities
- Security Program Services and Operational Activities
- Controls and Countermeasures
- Security Program Metrics and Monitoring
- Common Information Security Program Challenges
- Case Study
Chapter 4 Information Security Incident Management
- Incident Management Overview
- Incident Response Procedures
- Incident Management Organisation
- Incident Management Resources
- Incident Management Objectives
- Incident Management Metrics and Indicators
- Defining Incident Management Procedures
- Current State of Incident Response Capability
- Developing an Incident Response Plan
- Business Continuity and Disaster Recovery Procedures
- Testing Incident Response and Business Continuity/Disaster Recovery Plan
- Executing Response and Recovery Plans
- Post Incident Activities and Investigation
- Case Study
Certificate Obtained and Conferred by
- Upon meeting the attendance and assessment(s) criteria, participants will be awarded a digital Statement of Attainment (SOA), accredited by SkillsFuture Singapore. The SOA will be reflected as [code name, Audit and Compliance (ICT-SNA-4001-1.1) and Cyber Risk Management (ICT-SNA-5007-1.1)].
- Upon meeting the attendance and assessment(s) criteria, participants will be awarded a digital Certificate of Completion from NTUC LearningHub.