COURSE DESCRIPTION
This 5-day course on CISM is more than an entry-level certification. It is specifically developed for the information security professional who has acquired experience working on the front lines of information security or managing those who do.
The Certified Information Security Manager® is the most prestigious global qualification available for information security managers today, and the fastest growing, with nearly six thousand certifications since being introduced in 2002.
OBJECTIVE
After this course, participants are expected to be able to:
- Understand the common body of knowledge (CBOK) of information system audit
- Know the exam conditions and the characteristics of the questions, and understand how to answer multiple-choice questions
- This CISM Review Course 2008 aims to help you prepare optimally to pass the CISM exam.
This seminar has been designed to prepare delegates for the CISM examination by providing them with the knowledge and understanding they require to pass the exam, as defined by ISACA.
Suitable for:
- Chief Information Security Officer (CISO)
- Chief Information Officers (CIO)
- Chief Technology Officers (CTO)
- IS/IT Steering Committee
- Audit Committee
- IT Senior Manager
- Information Security Manager
- Senior Risk Manager
- Senior Audit Manager
- IT Audit Staff
- IT Security Staff
- Internal & External Auditor
- Risk Management Staff
- IT Students & Academicians
YOU WILL LEARN
- Information Security Governance
Develop information security strategy to align with business strategy and direction. Obtain senior management commitment and support for information security across the entire enterprise. Define information security governance roles and responsibilities. Establish reporting and communication channels regarding information security governance activities.
- Risk Management
Develop a systematic, analytical, and continuous risk management process. Understand and implement risk identification, analysis, and mitigation activities. Define and prioritize risk mitigation strategies. Appropriately report changes in risk to the correct levels of management on a periodic and event-driven basis.
- Information Security Program Management
Create and maintain plans for implementing a carefully designed information security governance framework. Develop information security baselines from organizational needs, as well as international standards. Develop guidelines and procedures for integrating security risk management into business processes. Develop procedures and guidelines for the IT infrastructure that comply with senior-level information security policies. Ensure security is effectively incorporated into the organization's established change management processes. Effectively integrate information security policies, guidelines, procedures, and accountability into the organization's culture.
- Legal Issues
Manage security risk from contracts; transfer risk with contracts. Understand information security compliance issues resulting from Sarbanes-Oxley.
- Information Technology Deployment Risks
Properly align IT strategic planning with organizational strategic planning. Control risk within software development or acquisition projects.
- IT Management Risks
How to position information security management within the organization. Control IT security risk relating to IT funding.
- IT Networks and Telecommunications Risks
Manage risk associated with social engineering, physical infrastructure threats, malicious code, and software vulnerabilities.
- Integrating Information Security into Business Continuity, Disaster Recovery, and Incident Response
Develop and implement processes and procedures for identifying, detecting, and analyzing security-related events. Organize, train, and properly equip response teams.
WHAT'S INCLUDED?
Our package includes 1 x lunch and 2 x coffee breaks, full course materials, a certificate of attendance, a souvenir, and a Bandung city tour.


ISACA AND ISC²
