Certified Information Security Manager

OBJECTIVE

The training prepares participants for the CISM (Certified Information Security Manager) certification, which is recognized internationally and issued by ISACA. This course will provide you with the knowledge and understanding of the principles needed to be an effective member of an information security team with security responsibilities. It also prepares individuals who are considering working in information security or any related function.

In particular, the objectives of the training are:

  • Define and demonstrate the core competencies and expected international performance standards of information security officers.
  • Analyze the different areas of the program being examined.

PREREQUISITES

• Experience in information system security management (at least 5 years of experience or possible waivers for up to 2 years)

GENERAL INFORMATION

• Code: CISM
• Duration: 3 days
• Schedule: 8h30 - 17h30
• Place: training center, Centre Urbain Nord, Tunis

TARGETED AUDIENCE

• Security professionals
• Information Security Officers
• Security Consultants
• Anyone seeking a full understanding of key IT risks and controls

RESOURCES

• Course materials
• 40% demonstration
• 40% theory
• 20% practical exercises

Modules taught

  • Domain 1: Governance of Information Security
    • Develop an information security strategy aligned with business and leadership strategy
    • Obtain senior management commitment and support for IT security throughout the enterprise
    • Define roles and responsibilities in information security governance
    • Establish information and communication channels for information security governance activities

  • Domain 2: Information Risk Management
    • Develop a systematic and analytical approach, as well as the ongoing process of risk management
    • Understand and implement risk identification and analysis.
    • Define risk mitigation strategies
    • Report appropriately on the evolution of risk management

  • Domain 3: Development of the Information Security Program
    • Create and maintain plans to implement a carefully crafted framework for information security governance
    • Develop information security baselines for organizational needs, as well as international standards
    • Ensure that security is effectively integrated into the organization's established change management processes
    • Effectively integrate information security policies, procedures, guidelines and accountability into the organization's culture

  • Domain 4: Management of the Information Security Program
    • Manage contract security risks and risk transfer
    • Understand the information security compliance requirements of the Sarbanes-Oxley Act

  • Domain 5: Incident Management and Response
    • Properly align IT planning with organizational strategic planning
    • How to position information security management within the organization
    • Control the security risks related to IT financing
    • Manage the risk associated with social engineering, threats, physical infrastructure, malicious code and software vulnerabilities
    • Integrate information security into business continuity, disaster recovery and incident response
    • Develop and implement processes to identify, detect and analyze events related to process security

Do not hesitate to contact our experts for any additional information, or for a study and free quote for an audit service.