Certified Information Security Manager

CISM Course Introduction

This 3-day intensive course is designed to help professionals preparing for ISACA's CISM exam gain more confidence. The course covers only the key concepts and vital knowledge of each domain. Attendees are recommended to have hands-on experience with, or be familiar with, information security management work before attending this course. Valuable techniques for the exam will be shared by an instructor who has passed the exam.

CISM Course Objectives

  • To prepare for ISACA's CISM examination
  • To summarize vital knowledge based on the latest exam domains
  • To learn techniques from an experienced exam passer

Target Group

  • Systems Architect
  • IT Manager
  • Chief Information Security Officer
  • Information Security Officer
  • Security Architect
  • Security Engineer
  • Security Manager
  • Security Consultant

Course Outline of CISM

Day 1
    – Information Security Governance Overview
    – Effective Information Security Governance
    – Governance of Third-party Relationships
    – Information Security Governance Metrics
    – Information Security Strategy Overview
    – Developing an Information Security Strategy
    – Information Security Strategy Objectives
    – Determining Current State of Security
    – Information Security Strategy Development
    – Strategy Resources
    – Strategy Constraints
    – Action Plan to Implement Strategy
    – Implementing Security Governance
    – Action Plan Intermediate Goals
    – Information Security Program Objectives
    – Risk Management Overview
    – Risk Management Strategy
    – Effective Information Risk Management
    – Information Risk Management Concepts
    – Implementing Risk Management
    – Risk Assessment and Analysis Methodologies
    – Risk Assessment
    – Information Resource Valuation
    – Recovery Time Objectives
    – Integration with Life Cycle Processes
    – Security Control Baselines
    – Risk Monitoring and Communication
    – Training and Awareness

Day 2
    – Information Security Program Management Overview
    – Information Security Program Objectives
    – Information Security Program Concepts
    – Scope and Charter of an Information Security Program
    – The Information Security Management Framework
    – Information Security Framework Components
    – Defining an Information Security Program Road Map
    – Information Security Infrastructure and Architecture
    – Architecture Implementation
    – Security Program Management and Administrative Activities
    – Security Program Services and Operational Activities
    – Controls and Countermeasures
    – Security Program Metrics and Monitoring
    – Common Information Security Program Challenges

Day 3
    – Incident Management Overview
    – Incident Response Procedures
    – Incident Management Organization
    – Incident Management Resources
    – Incident Management Objectives
    – Incident Management Metrics and Indicators
    – Defining Incident Management Procedures
    – Current State of Incident Response Capability
    – Developing an Incident Response Plan
    – Business Continuity and Disaster Recovery Procedures
    – Testing Incident Response and Business Continuity/Disaster Recovery Plans
    – Executing Response and Recovery Plans
    – Post-incident Activities and Investigation

21-23 September 2022

Course Level



3 Days

Tuition Fee

23,500.00 THB


ACIS Certified Professional Instructor
