CISM Certification Training

Certified Information Security Manager

  • Highly interactive CISM Training by ISACA Premium Training Partner
  • Master all CISM domains with real-world scenarios
  • Boost your success with exam simulations and a 98% pass rate
  • Learn Better with Practical Use Cases, Flash Cards, Quizzes & Mock Exams

Program Highlights

CISM (Certified Information Security Manager) is a management-oriented certification that emphasizes globally accepted security practices while validating an individual’s ability to design, manage, and assess enterprise information security programs. The CISM training at EarthBlueOne equips professionals with in-depth knowledge of risk management, security governance, and the development of effective policies and strategies to align information security with organizational objectives.

  • 36-Hour Instructor-Led Training
  • Online Test Simulations
  • Telegram Group for Exam Support
  • ISACA Premium Training Partner
  • 98% Exam Pass Rate
  • Post Training Support Till Exam
  • Highly Interactive and Dynamic Sessions
  • Experienced Industry Experts
  • Access to Recorded Sessions

CISM Certification Training

The CISM certification, which is focused on information security management, promotes worldwide security practices and acknowledges the expertise of professionals who manage, oversee, and monitor an organization’s information security. The CISM certification is a worldwide recognized benchmark of excellence in this field, and the demand for skilled information security management experts is on the rise.

Domain 1 – Information Security Governance – 17%

  • A–Enterprise Governance
    • Organizational Culture
    • Legal, Regulatory, and Contractual Requirements
    • Organizational Structures, Roles, and Responsibilities
  • B–Information Security Strategy
    • Information Security Strategy Development
    • Information Governance Frameworks and Standards
    • Strategic Planning (e.g., Budgets, Resources, Business Case)

Domain 2 – Information Security Risk Management – 20%

  • A–Information Security Risk Assessment
    • Emerging Risk and Threat Landscape
    • Vulnerability and Control Deficiency Analysis
    • Risk Assessment and Analysis
  • B–Information Security Risk Response
    • Risk Treatment / Risk Response Options
    • Risk and Control Ownership
    • Risk Monitoring and Reporting

Domain 3 – Information Security Program – 33%

  • A–Information Security Program Development
    • Information Security Program Resources (e.g., People, Tools, Technologies)
    • Information Asset Identification and Classification
    • Industry Standards and Frameworks for Information Security
    • Information Security Policies, Procedures, and Guidelines
    • Information Security Program Metrics
  • B–Information Security Program Management
    • Information Security Control Design and Selection
    • Information Security Control Implementation and Integrations
    • Information Security Control Testing and Evaluation
    • Information Security Awareness and Training
    • Management of External Services (e.g., Providers, Suppliers, Third Parties, Fourth Parties)
    • Information Security Program Communications and Reporting

Domain 4 – Incident Management – 30%

  • A–Incident Management Readiness
    • Incident Response Plan
    • Business Impact Analysis (BIA)
    • Business Continuity Plan (BCP)
    • Disaster Recovery Plan (DRP)
    • Incident Classification/Categorization
    • Incident Management Training, Testing, and Evaluation
  • B–Incident Management Operations
    • Incident Management Tools and Techniques
    • Incident Investigation and Evaluation
    • Incident Containment Methods
    • Incident Response Communications (e.g., Reporting, Notification, Escalation)
    • Incident Eradication and Recovery
    • Post-Incident Review Practices

Who Should Attend

  • Security Consultants and Managers
  • IT Directors and Managers
  • Security Auditors and Architects
  • Security Systems Engineers
  • Chief Information Security Officers (CISOs)
  • Information Security Managers
  • IS/IT Consultants
  • Chief Compliance/Privacy/Risk Officers

Experience Requirements

To earn the CISM you need at least five years of information security work experience, including at least three years of information security management work experience in three or more of the four job practice areas listed above. The experience must be gained within the 10 years preceding the application date for certification, or within 5 years of the date you originally passed the exam.

The following certifications and experience can be substituted for a maximum of two years of the five-year information security work experience requirement. None of these substitutions count toward the three years of information security management experience.

Two Years:

  • Certified Information Systems Auditor (CISA) in good standing
  • Certified Information Systems Security Professional (CISSP) in good standing
  • Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

One Year:

  • One full year of information systems management experience
  • One full year of general security management experience
  • Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
  • Completion of an information security management program at an institution aligned with the Model Curriculum

What You Will Learn

  • Enterprise Governance: the importance of information security governance, organizational culture and structure, and legal, regulatory and contractual requirements.
  • Formulating an information security strategy, selecting information governance frameworks and standards, and conducting strategic planning (budgets, resources, business case).
  • The emerging risk and threat landscape, and how to perform vulnerability and control deficiency analysis.
  • Conducting risk assessment, analysis and evaluation.
  • Responding to risk: risk treatment and response options, risk and control ownership, and risk monitoring and reporting.
  • Developing an information security program using industry standards and frameworks, information security policies, procedures and guidelines, and an information security program road map.
  • Managing an information security program: control design, selection, implementation, integration, testing and evaluation; awareness and training; management of external services; and program communications and reporting.
  • Assessing an organization's incident management readiness based on its incident response plan, business impact analysis, business continuity plan, disaster recovery plan, and incident management training, testing and evaluation.
  • Incident management operations: tools and techniques, investigation, containment methods, response communications, eradication and recovery, and post-incident review practices.

Exam Details

Certification:        Certified Information Security Manager (CISM)
Exam Duration:        4 hours
Number of Questions:  150
Exam Pattern:         Multiple choice
Passing Score:        450 out of 800 (scaled score)
Languages:            English, Japanese, Korean, Spanish
