- Lesson One: Information Security Governance Overview
- Information Security Governance Overview Part One
- Information Security Governance Overview Part Two
- Information Security Governance Overview Part Three
- Information Security Governance Overview Part Four
- Information Security Governance Overview Part Five
- Importance of Information Security Governance Part One
- Importance of Information Security Governance Part Two
- Outcomes of Information Security Governance Part One
- Outcomes of Information Security Governance Part Two
- Outcomes of Information Security Governance Part Three
- Outcomes of Information Security Governance Part Four
- Outcomes of Information Security Governance Part Five
- Outcomes of Information Security Governance Part Six
- Lesson Two: Effective Information Security Governance
- Business Goals and Objectives Part One
- Business Goals and Objectives Part Two
- Roles and Responsibilities of Senior Management Part One
- Roles and Responsibilities of Senior Management Part Two
- Domain Tasks Part One
- Domain Tasks Part Two
- Business Model for Information Security Part One
- Business Model for Information Security Part Two
- Business Model for Information Security Part Three
- Business Model for Information Security Part Four
- Dynamic Interconnections Part One
- Dynamic Interconnections Part Two
- Dynamic Interconnections Part Three
- Dynamic Interconnections Part Four
- Lesson Three: Information Security Concepts and Technologies
- Information Security Concepts and Technologies Part One
- Information Security Concepts and Technologies Part Two
- Information Security Concepts and Technologies Part Three
- Technologies Part One
- Technologies Part Two
- Lesson Four: Information Security Manager
- Responsibilities
- Senior Management Commitment Part One
- Senior Management Commitment Part Two
- Obtaining Senior Management Commitment Part One
- Obtaining Senior Management Commitment Part Two
- Establishing Reporting and Communication Channels Part One
- Establishing Reporting and Communication Channels Part Two
- Lesson Five: Scope and Charter of Information Security Governance
- Assurance Process Integration and Convergence
- Convergence
- Governance and Third-Party Relationships
- Lesson Six: Information Security Governance Metrics
- Metrics
- Effective Security Metrics Part One
- Effective Security Metrics Part Two
- Effective Security Metrics Part Three
- Effective Security Metrics Part Four
- Security Implementation Metrics
- Strategic Alignment Part One
- Strategic Alignment Part Two
- Risk Management
- Value Delivery
- Resource Management Part One
- Resource Management Part Two
- Performance Measurement
- Assurance Process Integration/Convergence
- Lesson Seven: Information Security Strategy Overview
- Another View of Strategy
- Lesson Eight: Creating Information Security Strategy
- Information Security Strategy
- Common Pitfalls Part One
- Common Pitfalls Part Two
- Objectives of the Information Security Strategy
- What is the Goal?
- Defining Objectives
- Business Linkages
- Business Case Development Part One
- Business Case Development Part Two
- Business Case Development Part Three
- Business Case Objectives
- The Desired State
- COBIT
- COBIT Controls
- COBIT Framework
- Capability Maturity Model
- Balanced Scorecard
- Architectural Approaches
- ISO/IEC 27001 and 27002
- Risk Objectives Part One
- Risk Objectives Part Two
- Lesson Nine: Determining Current State Of Security
- Current Risk Part One
- Current Risk Part Two
- BIA
- Lesson Ten: Information Security Strategy Development
- The Roadmap
- Elements of a Strategy
- Strategy Resources and Constraints
- Lesson Eleven: Strategy Resources
- Policies and Standards
- Definitions
- Enterprise Information Security Architectures
- Controls
- Countermeasures
- Technologies
- Personnel
- Organizational Structure
- Employee Roles and Responsibilities
- Skills
- Audits
- Compliance Enforcement
- Threat Assessment
- Vulnerability Assessment
- Risk Assessment
- Insurance
- Business Impact Assessment
- Outsourced Security Providers
- Lesson Twelve: Strategy Constraints
- Legal and Regulatory Requirements
- Physical Constraints
- The Security Strategy
- Lesson Thirteen: Action Plan to Implement Strategy
- Gap Analysis Part One
- Gap Analysis Part Two
- Gap Analysis Part Three
- Policy Development Part One
- Policy Development Part Two
- Standards Development
- Training and Awareness
- Action Plan Metrics
- General Metric Considerations Part One
- General Metric Considerations Part Two
- General Metric Considerations Part Three
- General Metric Considerations Part Four
- CMMFour Statements
- Objectives for CMMFour
- Section Review
CISM Certification Training
Enroll in the Certified Information Security Manager Certification training course to learn the best practices and skills of IT security systems management.
Online
Quick facts
Particular | Details |
---|---|
Medium of instruction | English |
Mode of learning | Self study |
Mode of delivery | Video and Text Based |
Course overview
The Certified Information Security Manager or CISM Certification is an internationally-recognized credential for information security professionals who design, manage, assess, and oversee enterprise information security. The CISM Certification Course closely follows ISACA’s best practices and helps you learn about IT security systems.
You will gain the required skills to design, manage, and deploy security architecture for your enterprise with this course via premium quality content. This certification will validate your skills and increase your credibility as an IT professional. Once you receive the CISM Certification, you can easily find work opportunities as an Information Security Manager, Systems Analyst, or Security Product Manager, among others.
Moreover, the course will help candidates prepare for the CISM certification exam. Candidates also receive complete assistance for the certification exam application process. Once you clear the exam, you will become eligible to take on positions such as Security Product Manager, Systems Analyst, and more.
The highlights
- 16 CPEs offered
- 24x7 learner support and assistance
- 45+ hours of high-quality e-learning content
- Certificate from Simplilearn
Program offerings
- Self-paced learning
- High-quality e-learning process
- CPEs
- Online handbook
Course and certificate fees
Training Options | Fee |
Self Paced Learning | Rs. 168525 + Rs. 30334.50 (CGST + SGST) = Rs. 198859.50 |
Online Bootcamp | Rs. 174195 + Rs. 31355.10 (CGST + SGST) = Rs. 205550.10 |
Eligibility criteria
Experience
To become a CISM certified professional or to join this course you need to have applied for the course within five years of passing the examination. Also, the experience mentioned should –
- Have been gained within ten years of applying for the certification or within five years of taking the exam.
- Be verified by your employers
- Include at least three years in the role of an information security manager (it must be broad and gained in three of the four CISM domains)
Certification Qualifying Detail
To get CISM certification training by Simplilearn, one must have:
- Successfully completed the CISM examination
- Followed the ISACA Code of Professional Ethics
- Agreed to comply with the Continuing Education Policy
- Acquired at least five years of work experience in information security, wherein three years must be as an information security manager.
- Submitted an application form for CISM certification within five years from the date of initially passing the exam.
What you will learn
In the CISM Certification training course, you will learn the following concepts and skills:
- Learn about the five ISACA domains which are usually asked in the exam
- Understand how to protect confidentiality, integrity, and availability of the data that are used
- Process and store data in IT systems through the implementation of information security controls and safeguards
- Implement security practices to protect critical data, business processes and technology
- Eliminate threats that can impact the security, integrity, and confidentiality of assets
- Understand the working of the system through which an enterprise directs and controls IT
- Learn about the process of identifying, recording, analysing, and managing security threats or incidents in real-time
- Understand how to create and use enterprise architecture
Who it is for
This certification is suited for the following professionals:
- Directors and Managers in IT domain
- Professionals working as Security Consultants and Managers
- Security System Engineers in technology companies
- Security Auditors or Security Architects
- Chief Information Security Officer (CISO)
- Risk Officers to minimize or manage operational risks
- Information Security Managers
- IT Consultants
Admission details
Filling the form
Step 1 - Visit https://www.simplilearn.com/cyber-security/cism-certification-training
Step 2 - Click on “Enroll Now”. You will be redirected to a new page.
Step 3 - Enter the Coupon Code (if you have one) or simply click on the Proceed button.
Step 4 - Fill in the details including the name, email, and contact number of the learner and click on ‘Proceed’
Step 5 - Make a fee payment. Do save the transaction receipt for future reference
The syllabus
Domain 01: Information Security Governance
- Knowledge Check
- Knowledge Check One
- Knowledge Check Two
- Knowledge Check Three
- Knowledge Check Four
Domain 02: Information Risk Management and Compliance
- Lesson One: Risk Management Overview
- Risk Management Overview
- Types of Risk Analysis
- The Importance of Risk Management
- Risk Management Outcomes
- Risk Management Strategy
- Lesson Two: Good Information Security Risk Management
- Context and Purpose
- Scope and Charter
- Assets
- Other Risk Management Goals
- Roles and Responsibilities
- Lesson Three: Information Security Risk Management Concepts
- Technologies
- Lesson Four: Implementing Risk Management
- The Risk Management Framework
- The External Environment
- The Internal Environment
- The Risk Management Context
- Gap Analysis
- Other Organizational Support
- Lesson Five: Risk Assessment
- NIST Risk Assessment Methodology
- Aggregated or Cascading Risk
- Other Risk Assessment Approaches
- Identification of Risks
- Threats
- Vulnerabilities Part One
- Vulnerabilities Part Two
- Risks
- Analysis of Relevant Risks
- Risk Analysis
- Semi-Quantitative Analysis
- Quantitative Analysis Example
- Evaluation of Risks
- Risk Treatment Options
- Impact
- Lesson Six: Controls Countermeasures
- Controls
- Residual Risk
- Information Resource Valuation
- Methods of Valuing Assets
- Information Asset Classification
- Determining Classification
- Impact Part One
- Impact Part Two
- Lesson Seven: Recovery Time Objectives
- Recovery Point Objectives
- Service Delivery Objectives
- Third-Party Service Providers
- Working with Lifecycle Processes
- IT System Development
- Project Management Part One
- Project Management Part Two
- Lesson Eight: Risk Monitoring and Communication
- Risk Monitoring and Communication
- Other Communications
- Section Review
Domain 03: Information Security Program Development and Management
- Introduction
- Lesson One: Development of Information Security Program
- Importance of the Program
- Outcomes of Security Program Development
- Effective Information Security Program Development
- Lesson Two: Information Security Program Objectives
- Cross Organizational Responsibilities
- Program Objectives Part One
- Program Objectives Part Two
- Defining Objectives Part One
- Defining Objectives Part Two
- Lesson 3: Information Security Program Development Concepts Part One
- Information Security Program Development Concepts Part Two
- Technology Resources
- Information Security Manager
- Lesson Four: Scope and Charter of Information Security Program Development
- Assurance Function Integration
- Challenges in Developing Information Security Program
- Pitfalls
- Objectives of the Security Program
- Program Goals
- The Steps of the Security Program
- Defining the Roadmap Part One
- Defining the Roadmap Part Two
- Elements of the Roadmap Part One
- Elements of the Roadmap Part Two
- Elements of the Roadmap Part Three
- Elements of the Roadmap Part Four
- Elements of the Roadmap Part Five
- Gap Analysis
- Lesson Five: Information Security Management Framework
- Security Management Framework
- COBIT Five
- ISO/IEC 27001
- Lesson Six: Information Security Framework Components
- Operational Components Part One
- Operational Components Part Two
- Management Components
- Administrative Components
- Educational and Informational Components
- Lesson Seven: Information Security Program Resources
- Resources
- Documentation
- Enterprise Architecture Part One
- Enterprise Architecture Part Two
- Enterprise Architecture Part Three
- Controls as Strategy Implementation Resources Part One
- Controls as Strategy Implementation Resources Part Two
- Controls as Strategy Implementation Resources Part Three
- Controls as Strategy Implementation Resources Part Four
- Common Control Practices
- Countermeasures
- Technologies Part One
- Technologies Part Two
- Technologies Part Three
- Technologies Part Four
- Personnel Part One
- Personnel Part Two
- Security Awareness
- Awareness Topics
- Formal Audits
- Compliance Enforcement
- Project Risk Analysis
- Other Actions
- Other Organizational Support
- Program Budgeting Part One
- Program Budgeting Part Two
- Lesson Eight: Implementing an Information Security Program
- Policy Compliance
- Standards Compliance
- Training and Education
- ISACA Control Objectives
- Third-party Service Providers Part One
- Third-party Service Providers Part Two
- Integration into Lifecycle Processes
- Monitoring and Communication
- Documentation
- The Plan of Action Part One
- The Plan of Action Part Two
- Lesson Nine: Information Infrastructure and Architecture
- Managing Complexity Part One
- Managing Complexity Part Two
- Objectives of Information Security Architectures Part One
- Objectives of Information Security Architectures Part Two
- Physical and Environmental Controls
- Lesson Ten: Information Security Program
- Information Security Program Deployment Metrics
- Metrics
- Strategic Alignment
- Risk Management
- Value Delivery
- Resource Management
- Assurance Process Integration
- Performance Measurement
- Security Baselines
- Lesson Eleven: Security Program Services and Operational Activities
- IS Liaison Responsibilities Part One
- IS Liaison Responsibilities Part Two
- Cross-Organizational Responsibilities
- Security Reviews and Audits Part One
- Security Reviews and Audits Part Two
- Management of Security Technology
- Due Diligence Part One
- Due Diligence Part Two
- Compliance Monitoring and Enforcement Part One
- Compliance Monitoring and Enforcement Part Two
- Assessment of Risk and Impact Part One
- Assessment of Risk and Impact Part Two
- Outsourcing and Service Providers
- Cloud Computing Part One
- Cloud Computing Part Two
- Cloud Computing Part Three
- Integration with IT Processes
- Section Review
Domain 04: Information Security Incident Management
- Lesson One: Incident Management Overview Part One
- Incident Management Overview Part Two
- Incident Management Overview Part Three
- Types of Events Part One
- Types of Events Part Two
- Goals of Incident Management Part One
- Goals of Incident Management Part Two
- Goals of Incident Management Part Three
- Lesson Two: Incident Response Procedures Part One
- Incident Response Procedures Part Two
- Importance of Incident Management
- Outcomes of Incident Management
- Incident Management
- Concepts Part One
- Concepts Part Two
- Concepts Part Three
- Incident Management Systems Part One
- Incident Management Systems Part Two
- Lesson Three: Incident Management Organization
- Responsibilities Part One
- Responsibilities Part Two
- Responsibilities Part Three
- Senior Management Commitment
- Lesson Four: Incident Management Resources
- Policies and Standards
- Incident Response Technology Concepts
- Personnel
- Roles and Responsibilities (eNotes)
- Skills
- Awareness and Education
- Audits
- Lesson Five: Incident Management Objectives
- Defining Objectives
- The Desired State
- Strategic Alignment
- Other Concerns
- Lesson Six: Incident Management Metrics and Indicators
- Implementation of the Security Program Management
- Management Metrics and Monitoring Part One
- Management Metrics and Monitoring Part Two
- Other Security Monitoring Efforts
- Lesson Seven: Current State of Incident Response Capability
- Threats
- Vulnerabilities
- Lesson Eight: Developing an Incident Response Plan
- Elements of an Incident Response Plan
- Gap Analysis
- BIA Part One
- BIA Part Two
- Escalation Process for Effective IM
- Help Desk Processes for Identifying Security Incidents
- Incident Management and Response Teams
- Organizing, Training, and Equipping the Response Staff
- Incident Notification Process
- Challenges in making an Incident Management Plan
- Lesson Nine: BCP/DRP
- Goals of Recovery Operations Part One
- Goals of Recovery Operations Part Two
- Choosing a Site Selection Part One
- Choosing a Site Selection Part Two
- Implementing the Strategy
- Incident Management Response Teams
- Network Service High-availability
- Storage High-availability
- Risk Transference
- Other Response Recovery Plan Options
- Lesson Ten: Testing Response and Recovery Plans
- Periodic Testing
- Analyzing Test Results Part One
- Analyzing Test Results Part Two
- Measuring the Test Results
- Lesson Eleven: Executing the Plan
- Updating the Plan
- Intrusion Detection Policies
- Who to Notify about an Incident
- Recovery Operations
- Other Recovery Operations
- Forensic Investigation
- Hacker / Penetration Methodology
- Section Review
- Sequence Five
Evaluation process
To receive the CISM Certification by Simplilearn, candidates need to pass the CISM Certification exam. Candidates are normally scored on a common scale of 200 to 800 (200 being the lowest one can score, while 800 is the highest). You need to score a minimum of 450 to pass.
How it helps
The CISM Certification course will equip you with the core concepts and principles needed to clear the CISM certification exam. Upon successful completion of the course, you can find ample job opportunities in the IT domain.
As a certified CISM professional, you can work as an IT Director/Manager, Security Auditor, Risk Officer, Security Architect, and more. Many companies like Amazon, EY, Oracle, etc. hire certified CISM professionals with lucrative packages. On average, you can expect an annual salary in the range of INR 15.1 lakhs to INR 33.42 lakhs.
Instructors
Mr Dean Pompilio
Trainer
Freelancer
FAQs
Candidates are normally scored on a common scale of 200 to 800 (200 being the lowest one can score, while 800 is the highest). You need to score a minimum of 450 to pass.
No, you will not receive the CISM certificate after the completion of the training course. You need to first clear the exam and then apply for the certificate.
The CISM Certification is suited for professionals such as IT Directors/Managers, Security Consultants and Managers, Security System Engineers, Security Auditors/Architects, Risk Officers, and more.
CISM certified professionals usually have annual earnings in the range of INR 15.1L to INR 33.42L.
The average salary package for a certified CISM professional can be anywhere between Rs. 6.8 lakhs to Rs. 33 lakhs per annum.
As a certified CISM professional, you can find ample work opportunities in companies such as Oracle, Amazon, Wells Fargo, Cisco Systems, and more.
For the CISM certification course, the mode of training is self-paced learning. Candidates will receive lifetime access to top-quality eLearning content which is curated by the industry experts. Also, candidates will receive 24x7 learner assistance and support.