CISM training is a competency-based 4-day, (32 contact hours), course that provides participants with the knowledge necessary to implement and maintain a Information Security Management Program designed to mitigate risks associated with information, business systems and technology.
Experienced instructors will guide participants through the implementation of an Information Security Management Program encompassing the design and ongoing daily maintenance of the program. The course will include the assessment of threats and vulnerabilities leading to risk exposure and potential impact to the confidentiality, integrity and availability of information, incident management, compliance management, governance. During the course we will walk through the design and implementation of an information security management program including risk scenarios and identify the appropriate response. We will also walk though the process of designing and integrating controls within policies, procedures and standards. In addition we will establish a monitoring process identifying the appropriate governance committee.
In addition, will be reviewed best practices for Information Security Management within multiple sources seeking the best possible control design strategy for each individual organization. These standard frameworks include COBiT 5, NIST, SANS, ISO 31000, COSO ERM and ISO/IEC 27001:2013.