CISM
Certified Information Security Manager


CISM Course Introduction

This intensive 3-day course is designed to help professionals preparing for ISACA's CISM exam gain more confidence. The course covers only the key concepts and vital knowledge of each domain. Attendees should have hands-on experience with, or be familiar with, information security management work before attending. Valuable exam techniques will be shared by someone who has passed the exam.


CISM Course Objectives

  • To prepare for ISACA's CISM examination
  • To summarize vital knowledge based on the latest exam domains
  • To learn techniques from an experienced exam passer


Target Group

  • Systems Architect
  • IT Manager
  • Chief Information Security Officer
  • Information Security Officer
  • Security Architect
  • Security Engineer
  • Security Manager
  • Security Consultant


Course Outline of CISM

Day 1

  • Information Security Governance Overview
  • Effective Information Security Governance
  • Governance of Third-party Relationships
  • Information Security Governance Metrics
  • Information Security Strategy Overview
  • Developing an Information Security Strategy
  • Information Security Strategy Objectives
  • Determining Current State of Security
  • Information Security Strategy Development
  • Strategy Resources
  • Strategy Constraints
  • Action Plan to Implement Strategy
  • Implementing Security Governance
  • Action Plan Intermediate Goals
  • Information Security Program Objectives
  • Risk Management Overview
  • Risk Management Strategy
  • Effective Information Risk Management
  • Information Risk Management Concepts
  • Implementing Risk Management
  • Risk Assessment and Analysis Methodologies
  • Risk Assessment
  • Information Resource Valuation
  • Recovery Time Objectives
  • Integration with Life Cycle Processes
  • Security Control Baselines
  • Risk Monitoring and Communication
  • Training and Awareness

Day 2

  • Information Security Program Management Overview
  • Information Security Program Objectives
  • Information Security Program Concepts
  • Scope and Charter of an Information Security Program
  • The Information Security Management Framework
  • Information Security Framework Components
  • Defining an Information Security Program Road Map
  • Information Security Infrastructure and Architecture
  • Architecture Implementation
  • Security Program Management and Administrative Activities
  • Security Program Services and Operational Activities
  • Controls and Countermeasures
  • Security Program Metrics and Monitoring
  • Common Information Security Program Challenges

Day 3

  • Incident Management Overview
  • Incident Response Procedures
  • Incident Management Organization
  • Incident Management Resources
  • Incident Management Objectives
  • Incident Management Metrics and Indicators
  • Defining Incident Management Procedures
  • Current State of Incident Response Capability
  • Developing an Incident Response Plan
  • Business Continuity and Disaster Recovery Procedures
  • Testing Incident Response and Business Continuity/Disaster Recovery Plans
  • Executing Response and Recovery Plans
  • Post-incident Activities and Investigation

28-30 October 2019

Course Level

Advanced

Duration

3 Days

Tuition Fee

21,000.00 THB

Speaker

A.Choonhaphan Lerlertpakdee
CISA, CISM, CGEIT, CRISC, CIPT, MBCI, ITIL Expert, PMP, BCMS (ISO 22301) Provisional Auditor, ISMS (ISO 27001) Provisional Auditor, ITSMS (ISO 20000) Provisional Auditor