CEH® v13 Certification Training
Certified Ethical Hacker (CEH® v13) Certification Training is a globally re...
The Certified Information Security Manager (CISM) certification is a globally recognized, management-focused credential designed for professionals responsible for managing, designing, overseeing, and assessing an organization's information security program. This course provides i...
The Certified Information Security Manager (CISM) certification is a globally recognized, management-focused credential designed for professionals responsible for managing, designing, overseeing, and assessing an organization's information security program. This course provides in-depth knowledge of information security governance, risk management, security program development, and incident management. It equips professionals with the skills needed to align security strategies with business objectives, manage organizational risks, and establish effective security frameworks and policies.
This domain will provide you with a thorough insight into the culture, regulations and structure involved in enterprise governance, as well as enabling you to analyze, plan and develop information security strategies. Together, this will affirm high-level credibility in information security governance to stakeholders.
• Organizational Culture
• Legal, Regulatory, and Contractual Requirements
• Organizational Structures, Roles and Responsibilities
• Information Security Strategy Development
• Information Governance Frameworks and Standards
• Strategic Planning (e.g., Budgets, Resources, Business Case)
This domain empowers you to analyze and identify potential information security risks, threats, and vulnerabilities as well as gives you all the information about identifying and countering information security risks you will require to perform at the management level.
• Emerging Risk and Threat Landscape
• Vulnerability and Control Deficiency Analysis
• Risk Assessment and Analysis
• Risk Treatment / Risk Response Options
• Risk and Control Ownership
• Risk Monitoring and Reporting
This domain covers the resources, asset classifications, and frameworks for information security as well as empowering you to manage information security programs, including security control, testing, comms reporting, and implementation.
• Information Security Program Resources (e.g., People, Tools, Technologies)
• Information Asset Identification and Classification
• Industry Standards and Frameworks for Information Security
• Information Security Policies, Procedures and Guidelines
• Information Security Program Metrics
• Information Security Control Design and Selection
• Information Security Control Implementation and Integrations
• Information Security Control Testing and Evaluation
• Information Security Awareness and Training
• Management of External Services (e.g., Providers, Suppliers, Third Parties, Fourth Parties)
• Information Security Program Communications and Reporting
This domain provides in-depth training in risk management and preparedness, including how to prepare a business to respond to incidents and guide recovery. The second module covers the tools, evaluation, and containment methods for incident management.
• Incident Response Plan
• Business Impact Analysis (BIA)
• Business Continuity Plan (BCP)
• Disaster Recovery Plan (DRP)
• Incident Classification/Categorization
• Incident Management Training, Testing and Evaluation
• Incident Management Tools and Techniques
• Incident Investigation and Evaluation
• Incident Containment Methods
• Incident Response Communications (e.g., Reporting, Notification, Escalation)
• Incident Eradication and Recovery
• Post-Incident Review Practices